Search the Community

Showing results for tags 'security'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Community Event Calendar
  • Evernote Events


  • General Discussions
    • Evernote General Discussions
    • Third Party Application Discussions
    • Using Evernote
    • Billing and Payments
  • Evernote Products
    • Evernote
    • Evernote Business
    • Evernote Web Clipper
    • Scannable
    • Skitch
    • Penultimate
    • Evernote Market
  • International Forums
    • Japanese Discussions
    • Brazilian Portuguese Discussions
    • Discussions in Spanish
    • Korean Discussions
    • Traditional Chinese Discussions

Found 153 results

  1. First time I tried to set up two-factor authentication, on the final step the screen displayed like this - the overlay window was super tiny. I couldn't click or see anything. Reloaded the page to fix, but then the whole process was cancelled and I had to re-enable two-factor authentication. Second time it displayed ok. Screenshot attached. Note sure if this would be browser related or evernote problem. Firefox 51.0.1. Just sharing in case anyone runs into a similar issue.
  2. I love Evernote, but it's preventing me from putting in sensitive content. For example, I can't keep a personal journal notebook, because other people (i.e. girlfriend, family members, etc.) could one day be looking at those notes, especially since they know that I use Evernote often for many purposes. Evernote already has the ability to encrypt single notes. This is useful for things like storing passwords or other temporary sensitive content. But it's not practical to encrypt many notes one by one. I wish I could password-protect a whole notebook. This way, I can do a lot more with Evernote. If I can encrypt single notes, then why can't Evernote just allow me to encrypt entire notebooks? If reason behind this is because Evernote thinks one could lose a lot of data if a notebook password is forgotten, then perhaps Evernote can help recover the passwords through email. In the meantime, I'm stuck with using other apps (i.e. Pages, Day One, etc) to password-protect my content. Any insight is greatly appreciated. Thanks.
  3. 2 Step, Access History, and Authorized Applications went out with last night's service update, works on all the clients, and is available to Premium and Business users (with eventual Free user rollout). You've been able to see access history for a while, and is available to all users. The official post is here:
  4. Great that Evernote supports 2-factor authentication via Google authenticator. What about support for the Fido U2F keys, such as from Yubico? Far more convenient way to get 2-factor authentication!
  5. Evernote urgently needs a way to clear recent search history. I see that people have been asking for this for years, and yet it's still not an option. Where is it even stored? I can't find it in any file, or in the registry. I tried uninstalling Evernote to clear it, and my recent searches came right back after I reinstalled. While trying to find out if this is currently possible, I came across one person who accidentally entered a password in his search history, and another who entered her SSN in the search box to find a PDF, where it is now stuck for anyone to find. Evernote has a serious security problem if its users can't control their own sensitive data.
  6. I have a personal Evernote account that I use for both business and personal information. I have access to it on my work computer, with Windows 7, since I need notes from both areas. I use the desktop app and sign out of Evernote when I leave. However, I worry about the confidentiality of my notes on the local drive and the company's ability to readily access them. Are they encrypted in any way? Can they be? Does the web app keep an image on the local drive? The more I read this post, the more I realize that the computer is theirs and they could do whatever they want. Is getting rid of the desktop app and using the web a solution? Thanks for the help.
  7. I would like to store some secure documents within Evernote, however Evernote for years has lacked full encryption on notes and has constantly ignored the request from many to fully encrypt our data. This should be core to the Evernote service offering. Users should have the ability to control their own encryption keys as well.
  8. I am constantly getting emails asking me to verify my email address using a link. I NEVER click on links in emails. I tried logging on to my Evernote account and verifying the email there and I just got sent another email with a link. This makes me think that the email is valid but I'm still not going to risk it. Is there any way to stop this?
  9. Hello, Evernote community, We are a small team of developers and we are passionate about our new product which is Saferoom. We have been working hard to provide users with zero-knowledge encryption functionality without destroying user's productivity. We wanted to build an encryption app that will be easy to use and allow anybody protect their personal data. Saferoom is now a set of mobile and desktop that together add full encryption capabilities on-top of Evernote. It means that you work with Evernote normally, and when you need to create or view an encrypted note you use Saferoom. All the time your encrypted items are part of Evernote notes, but you can see them (e.g. decrypt) only inside Saferoom app. And Evernote is just a beginning - we want Saferoom to be like "Passbook" for your encrypted data. Saferoom encrypts whole note including all the resources - independently of the resource type and your password is stored on the device only. It also means that password cannot be restored - that is a price for true zero-knowledge encryption. Our app is available in iTunes Store: And in Google Play Store: Saferoom Desktop for MacOS and Windows are free: Windows: And also you can use Saferoom Chrome extension: Here is a video demos of Saferoom capabilities: Any feedback is always welcomed.
  10. Hi everyone, I've just started the process of going paperless, which has included scanning in financial documents such as bank statements into synced notebooks. Having scanned a number of these documents, I've now decided they would be better off – more secure – in local notebooks. If I move a previously synced note to a new, local notebook, does a version of it still live somewhere on the cloud? Or is the cloud version deleted? If the latter, is there an official privacy statement somewhere to say so? I'm sure this question has been asked before, but I couldn't find any answers by searching. Thanks.
  11. MaidSafe -- A Revolution in Digital Security I just discovered this, but it may be the next big thing in the digital world. Don't miss this video! Please post your thoughts and reaction to this new technology.
  12. I held a recent Evernote workshop and the predominent question was "so how do I easily back-up all the material I've put into Evernote". Good question and I'd love to provide a super easy answer like..... "Evernote has thought of that so here is the easy back-up button" Thanks
  13. Any security difference ? When using Taskclone (Evernote -> Toodledo) it creates the Classic note link but this is less useful than the Public link because, this way, you don’t have the [View in Evernote] option on the web page. Thanks you!
  14. Evernote Android, iOS, and Windows Phone all now have passcode lock available for all users, including our Basic level. Check out our blog post here for more info:
  15. How secure are the notes stored in Evernote? Is there a way to make sure the files stored in the Evernote directory structure on the local hard drive are encrypted? If I store company documents, including peoples SSNs, and personally identifiable information, how secure are they? When a notebook is shared with another Evernote user, does the data pass back and forth as SSH? Thanks
  16. The crux of the issue for me is that quitting is not logging out. This is not what I expect, it's counter-intuitive (and dangerous). The way Evernote seems to work, both on my Mac and iPhone, is that if I just quit Evernote, it’s not protected. Launching the app opens it up logged on, so anyone who gets onto my Mac or my iPhone also gets into my Evernote without having to log on. This is too easy an error to make (from a security point of view) and one which I’ve been making unknowingly for months. So, I think you might want to add an option to your app so that when quitting Evernote one can choose to do so without logging out or with logging out. Those who don’t want to be bothered with this prompt should be able to opt out of it in preferences, but for the rest of us, security-aware, we could have this work so that either every time we quit we also log out, or we get a choice each time we quit Evernote. Please let me know if this option is already available and I just haven’t seen it, or if it can be made available. Thanks, FrogPhotog
  17. What I want is, that I have an option to select, that every time I start EN it ask me for password. But then, while it's on, it doesn't ask for password every time it synch. It was working that way, but now (perhaps after last update - I have (272236)Public) it doesn't. I know that there is option to sign out but it's not practical. Many times I shut down PC while EN is in system tray. And when I start PC, and then start EN it just opens. Did I miss something?
  18. I usually add a tag "public" every time I make a note public I can then go through and prune public links every now and again. Would love this to be automated. So I could automatically see which notes were potentially viewed or shared by others. Colour coding would be ideal.
  19. Many of us use evernote on Pcs that do not belong to them including the local app for windows. To ensure data is protected and it is not possible to read residual data even though the user account is logged out it would be nice to be able to encrypt the data with a unique password while on that local system. Just the cached local copies. This way if say a user no longer has access to that PC for whatever reason they can rest assured their data is safe. Example use cases include using a work PC or a PC belonging to somebody other than yourself. Require the user unlock the data at login each time with a password basically.
  20. As a user who stores a lot of sensitive information in Evernote, I would appreciate the capability for enhanced security beyond what is currently provided. 1) Data encryption at rest. I haven't found any information on this, but it seems to me our personal data is stored on the servers in "plaintext" form, and is only encrypted during transmission to/from the clients and servers. Are there any plans to implement full end-to-end encryption of data in all phases? I understand that Evernote needs the keys in order to support a lot of its useful features. Perhaps there could also be a user-selectable mode where only the user keeps keys locally (much like the in-note text encryption already available), perhaps compromising Evernote features but enhancing security. 2) In-note encryption for all data formats. Right now, we have the ability to encrypt text segments at will using local private keys, which is a welcome feature. I would appreciate this capability to be extended for all data types, e.g. audio, photos, and other file attachments. Are there plans to support this feature? Thanks!
  21. Hi, Are there any plans to add fingerprint security to Evernote for Android, in the same way the iOS version has TouchID support? Really miss it after using iOS for a little while, and it's starting to creep into more Android apps where it's useful (Lastpass, Journal etc). For me, it's the only real gotcha at the moment for Evernote! Cheers, Michael Charlton
  22. I want to make a proposal. I would appreciate, if EN would store the data of citizens of the EU in the EU. I know all the standard bla bla, how safe the data is. In fact it's not. Safe Harbor is over and we have now the Privacy Shield. But this is more or less the same, only with an other name. So as a non US citizen I don't have the control over my data. EN is holding the encryption keys and with the Patriot Act and FISA many people can have access to my data. And En can even be forced to keep the access secret. Some US companies even get money from the NSA for the access to the personal data of the customers. Legal backdoors. I don't know, if EN get also money for this, but after the last price "adjustment" I can imagine, that EN need badly money. Microsoft started to solve this problem by offering cloud services in the EU. This would be a feature that would be worth the price "adjustment".
  23. I have tons of passwords. I like the idea of using Evernote as a sort of password manager: Create a note for each username / password, and other applicable details that you have. Tag it up and leave nice comments to leverage search Highlight > "Encrypt Selected Text" on the portion of the note that contains any sensitive details as plain text. I understand that Evernote content is heavily encrypted so I feel like this is a reasonable approach to password management. However there seems to be (at least what I would consider) a security flaw with the "Note History" feature available on Premium accounts in that any information that was stored as plain-text before having been encrypted is easily viewed in a previous version of the note. Doesn't really protect against shoulder surfing / staying logged in to evernote with an unlocked workstation. After all: Everything is stored as plain-text before it has a chance to be encrypted. So my enhancement requests would be these: Add an option to disable revision history on a per-note and global basis Add an option to delete revision history on a per-note basis Add an option to retain X days of revisions history or Y number of revisions on a per-note and global basis Add an option to re-prompt for password before viewing revision history Add logic that says 'if the text is encrypted on the current version of the note, also encrypt / obfuscate in the history view. I understand this may be tricky from a 'detect what's encrypted now but wasn't before' point of view. An alternative would be to implement "if the current version has ANY encryption, then encrypt the entire previous version with the same hash". This could lead to 'nested' encryptions, but I don't see that as an issue. Add an option to provide a 'global' encryption passphrase (which may or may not be different than the password used to login). Only the hash of that string gets stored (obviously) When a user chooses to "Encrypt Selected Text", they have the option to apply this passphrase rather than typing it in (possibly incorrectly) Similarly, add an option to prompt that the passphrase be entered a second time to verify. This would reduce the risk of a user entering a passphrase incorrectly, then not being able to decrypt their text to enter it correctly. Also: I'd like to understand how encrypted text is handled if/when a premium user goes back to being a basic user. I'm an evernote Premium user. I use it on multiple platforms: OSX App, Ipad, Iphone, Linux (Web)
  24. I am a new user slowly getting hooked on to Evernote. I have been reading about the concerns related to storing secured information on Evernote cloud. I guess the general recommendation is that if you consider some information should be secured, just do not store it in Evernote. Now my question is what documents should be considered secure. 1. Storing passwords in evernote or any cloud service is a terrible idea. I get this. 2. Bank statements - some have said that the account no in bank statements is secure information. Can someone explain why this is secure information? what happens when some hacker gets access to it? 3. Tax returns - Can this be kept in evernote? This contains soc sec no etc. What do you all do? What kind of information that you DO NOT keep in evernote? Where do you store such information? (e.g another cloud service that supports encryption on storage)? How do you integrate that cloud service with your Evernote workflow?
  25. Dear Evernote! I love your service, and am actively promoting it to acquaintances. However, there are two backup-related features I am missing. If you fix these, my Evernote experience would increase significantly. Situation: In becoming a heavy user of Evernote, I am more and more dependent on the safety and security of all my files stored in the service. If I, or other users of shared notebooks, accidentally delete files, I do not want to risk losing them forever. Therefore, I now export my notebooks manually once a week. Still, this kind of backup is cumbersome, and at the mercy of human memory of remembering to do it. Furthermore, all backed up notes from many different notebooks are all squeezed into one backup notebook, making my Evernote backup files messy and unorganized. I therefore have two suggestions for you, which I hope you will consider. Suggestions: 1. Adding an integrated scheduled / automated backup option that would automatically take backup of all, or selected, notebooks daily or weekly. 2. Allowing users to export Evernote notebooks in an organized manner that includes one's initial Evernote structure, i.e. keeping one's distinguished notebooks, with accompanying notes, in the Evernote backup file. Would you consider these suggestions? Best regards, a passionate Evernote user from Norway. Ps! With regards to scheduled backup, I tried third-party app "Evernote Exporter" (, but could not make this work. A solution to suggestion 1 could be similar to this.