• Announcements

    • Shane D.

      Evernote Business Beta - Spaces   12/20/2017

      We're very excited to announce the public beta of an upcoming rework for Evernote Business! To learn more, go Here
    • Shane D.

      2018 Evernote Webinars   01/04/2018

      To kick off the new year, we're excited to announce our  updated schedule for our series of webinars! Please check the events calendar to see which one works best for you!
    • Shane D.

      Upcoming Forum Change Announcement   02/14/2018

      Hi All! You may be seeing some changes with overall organization and layout of the discussion forums. You can learn more by going to the 'Upcoming Forum Change Announcement' in the 'Community Announcements' sub-forum!  

Search the Community

Showing results for tags 'security'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Calendars

  • Community Event Calendar
  • Evernote Events

Forums

  • General Discussion
    • Community Announcements
    • Evernote Business Public Beta - Spaces
    • Evernote General Discussions
    • Using Evernote
    • Evernote API Discussion
    • Evernote Integrations
    • Evernote Research Discussion
  • Possible Bugs/Technical Issues
    • Evernote Business
    • Evernote for Android
    • Evernote for iOS
    • Evernote for Mac
    • Evernote for Windows
    • Web Client
    • General Technical Issues
  • Product Feedback/Feature Requests
    • Evernote Business
    • Evernote for Android
    • Evernote for iOS
    • Evernote for Mac
    • Evernote for Windows
    • Evernote Web Client
    • General Feature Requests
  • International Forums
    • Japanese Discussions
    • Brazilian Portuguese Discussions
    • Discussions in Spanish
    • Korean Discussions
    • Traditional Chinese Discussions
  • Evernote Forum Archives
    • General Discussion Archive
    • Product Archives

Categories

There are no results to display.

There are no results to display.


Found 179 results

  1. Have the ability to lock individual notes, e.g., a password-protected note. It's available in OneNote
  2. I'm new with Evernote and having been scanning in lots of paper files. I didn't fully think through the security issues, however, and now I am realizing that I scanned in some documents (PDF) that have my Social Security number. Can I mask my social security number from PDFs using annotate tool by marking it out? Would that protect me or do I need to delete the note, and rescan the original document with the Social Security number blanked out? Thank you for any assistance you can provide.
  3. I can't image this has not been requested in the past, but I want to request encryption support for the Evernote client database (.exb). Currently the synced content is readily available in the clear and an account password is not needed to access it. All it takes is for someone to set up a temp Evernote account, then rename the target .exb database filename to match the name of the temp account and bam... they have the data. No password required. Massive concern in today's world.
  4. Hi, I am about to use Evernote for my personal and work. And I have some queries: 1) How secure and private are my confidential notes in Evernote? 2) Can any Evernote employee access and see my confidential notes? I know people can see my notes and things only if I give access to them but here I am talking about Evernote employees. 3) Is there any way to prevent Evernote from auto-saving into the cloud and make Evernote to save the notes on my PC? Thanks in advance. Guddu
  5. Hi, I hope this is the right place for this. I have just set up 2 factor authentication and went through the process of setting up my primary phone number etc. I wanted to set up a backup phone number as it is suggested and is a very sensible precaution. However it won't let me put in my phone number. I get a validation message saying 'Enter a valid phone number that can receive SMS messages.' The number I am trying to use is a UK landline. I suspect it thinks it can't send an SMS message to it as it is not a mobile. All BT openreach landlines in the UK are capable of receiving SMS messages, either with a phone that supports it (as I have) or through a text-to-speech implementation. As that is the only other number registered to me, it is the obvious choice as a backup number. I don't know if that is the same in other countries or not. I'm hoping a friendly Evernote employee will read this and be able to get the validation changed. Thanks for your time.
  6. I updated my Evernote account password via web account management and now my notes won't sync from the Windows PC client software. It's like different Evernote security/authentication servers are in use, and the sync between them is not working, or working abnormally slowly. Or a flag got set on my account because two different sets of passwords don't match. I don't know what the real deal is. The only way I can sign into the Windows PC client software is with my old password. When I try to use the new password, I am told it's an invalid password. I have logged out of everything Evernote multiple times on both my phone and the Windows client software. I can get into my web account management portal, I can access my notes in the Windows PC client. I just cannot make sync work now that my password has changed. Do I need to revert back to my old password? I would prefer not, but if that's what I have to do to get it to work, please let me know.
  7. Security flaw

    Hi, finally I could reach you, My issue is that when I open the app, it takes a second to ask the password. Until then all my data is visible. So what's the point of securing it with anything if anyone can have as many glimpses as the wish for? There could be also a more complicated password option and for some people even 2 factor authentication could be a choice. The latter for premiums. Thank you for your time, novroax
  8. I'm hoping that this is a silly question. I'm excited about the integration with Slack and Evernote, but my question is how secure is it? Meaning, my co-workers or co-worker/Slack admins can't access my personal Evernote even though I have connected my Slack account with my personal Evernote? I love being able to save Slack "clips"/ my working discussions with my Evernote for record-keeping, but am worried about co-workers or others browsing my personal Evernote which, like I said, I connected to my work Slack. Thanks for the help. I couldn't find any info online... I am sure that this connection would never be engineered this way, but thought I should ask.
  9. Change email address

    How do you change your email address on your account or profile. I have gone to help page and it tells me to go to the security settings, but I can't find any security settings that has anything to do with changing my email address on my account.
  10. I installed the latest update ( Version 6.13 –455673 Direct) for MacOS and noticed Evernote attempts to connect to tealiumiq upon startup. I know that tealiumiq is used for "tag management" and advertising. Can you please answer: Why exactly does Evernote want to attempt to tealiumiq's servers, is this connection necessary for the application and service to function properly, what data is sent to tealiumiq, how long is this information stored at tealiumiq, is it shared with any other organization, and is it used to advertise or market to users in any way? Thank you.
  11. ZERO-KNOWLEDGE!!!

    Evernote has a large page convincing people of it's security. Everybody's information is secure, right? Has anyone noticed that hacking large companies data is becoming MUCH more frequent?! Today, Equifax said that it may have been hacked again. Yahoo was hacked recently releasing info on 300 billion accounts. But here's the thing, if Evernote gets compromised, you lose a LOT more than just a username and password, you lose everything! Evernote NEEDS to adopt a ZERO KNOWLEDGE encryption, meaning that not even employees of the company can see what is on people's accounts, and if someone were to hack EVERNOTE, all they would get is encrypted info. Evernote will say that that's all people would get now, but if employees can see the data, hackers will be able to see the data. The data needs to be encrypted on the desktop, and needs to stay encrypted in the cloud. No matter how good Evernote's encryption is, it will be hacked at some point. PLEASE adopt zero-knowledge!
  12. I'm considering using Evernote, but before I make the plunge, I want to understand the following - How do you protect the confidentiality of data at rest? Do you support, or have plans to support multi-factor authentication, e.g., Google Authenticator? Thank you!
  13. Hi everyone, I lead Evernote's security team. We have received reports regarding what appears to be suspicious activity affecting a small percentage of our users. Our team is working with individual users to better secure their accounts and our security team believes that someone has learned these users’ passwords from a website or service not associated with Evernote. If you, or the people in your network receive an email from Evernote mentioning that we’ve detected suspicious activity, please know that this is not a hoax or spam message; it’s from us. To more quickly notify our customers in the future, we will roll out a new feature that will notify customers when we detect a new login from a new location or device.
  14. Hello, Anybody knowing why Evernote does not pass the brute force test in the DashLane test? https://blog.dashlane.com/dashlane-password-power-rankings-2017/ They say: "Does the website allow 10 incorrect login attempts without providing additional security (CAPTCHA, account lockout, 2-Factor, etc.)?" @Evernote: Is there a special reason or are there any plans for implementing this?
  15. Is there some way to put a password on individual notes (as opposed to encrypting selections of text)? I've searched high and low ... but cant figure out if this is possible. Thanks
  16. When I start Evernote via a shortcut on my Mac I firstly want to key in my password before the opening page with my notes become visible. I've this functionality on my i phone (Touch ID or 4-digit pin code). Momentarily the application opens directly and fully when I double click on the short cut logo of Evernote.
  17. I noticed that it doesn't seem possible to remove the primary phone number while two-step verification is enabled. Unfortunately, that weakens the security of two-step verification, even when using an authenticator app. This Wired article provides a great overview of the weakness of SMS-based two-step verification and its vulnerability to "sim swap" type attacks: https://www.wired.com/2016/06/hey-stop-using-texts-two-factor-authentication/ I'd love to see the ability to remove phone numbers as an override for authenticator-based two-step verification. I'd also love to see Evernote adopt the U2F protocol for improved two-factor security: https://www.yubico.com/solutions/fido-u2f/
  18. Has anyone found a way around the fact that you can't edit text inside an encryption? I have encrypted account information in a note that I'd like to space out and bold the titles to and it's super frustrating that all I can add are spaces because it's super wonky when on a phone.
  19. On request Evernote has issued a possibility to set a password protection lock on starting the iOS app (while being already logged in). That's nice. However, it is not secure and proves to have some flaws. When starting the Evernote app, first the last showed screen is visible shortly, but you can see (privacy-sensitive) information, if you want. After that, the passwordscreen appears. A flaw is that, when your last evernote-screen was a search-screen, the keyboard is still popped-up and covers the passwordscreen partly. I count this as a severe security issue and would like this to be solved with high priority. So not dependent of the number of 'popular votes'.
  20. I am an Evernote Plus member and have been since college. Recently downloaded the Evernote Desktop app for Mac on a work machine and was aghast to find it downloading all of my personal notebooks, and notebooks from previous jobs, upon first sign-in. This is really a deal-breaker for me since I do not wish to store all of my personal notes on my work computer. I think the following solutions would work: Encrypt certain notebooks with separate passwords. Ability to select certain notebooks for local syncing. Keep the others on Evernote's servers. Separate "profiles" or "accounts" all linked to my original Evernote account, with different notebooks. I could just sign in with my work email address, for example. Thanks!
  21. I would love to use Evernote at work, but uploading meeting minutes and other confidential data to the cloud is not an option. Therefore, we would like to host our own Evernote server on our premises. We're a fast growing company with 1k+ employees.
  22. Please refer to this article. In one line, it says "if your service uses 2-factor auth based on SMS (which Evernote does), you are vulnerable to have your phone number transferred and your 2-factor bypassed" https://www.forbes.com/sites/laurashin/2016/12/21/hackers-are-hijacking-phone-numbers-and-breaking-into-email-and-bank-accounts-how-to-protect-yourself/#4a2abe6f360f Suggested quick fix: Let users modify their phone number to 000-000-0000 if they are concerned.
  23. I got the same issue as Deworn but his post is from 2014. I have the version 6.5.4.4720 (304720) Public. I don't feel secure. How "encrypted" is my stuff?
  24. Pretty much self-explanatory. Text can be encrypted on a desktop and viewed on mobile but not encrypted on mobile. I know this has been posted many times before but it does not seem to be an "idea" so i thought to make it one.
  25. I like the text encryption feature in Evernote but that is insufficient for a Cloud based service, used across multiple platforms, used by a great many people, especially in these times. I believe that Evernote should provide users with the ability to encrypt entire notes, including images and attachments. Please seriously consider implementing this functionality as soon as possible. To not do so, presents loyal users with a significant risk to information confidentiality and integrity, with potentially serious impact should any such risk actualize. I believe that the lack of this functionality also highlights Evernote and its community as potential soft targets. That said, the alternative for Evernote users, at this time is to simply avoid the use of Evernote for documenting, sharing, managing or other handling of potentially sensitive or critical information (including personal notes, ideas, intellectual property and any personally identifying information - as a start) if that information is in any form other than text. Over time, this gap in Evernote security may erode the need for the service (given alternatives with better security). If EN planning/dev. staff want to discuss this further, please contact me or reply to this comment. Thanks in advance. B.