Search the Community
Showing results for tags 'two factor'.
Found 4 results
I use two factor authentication and use a Google Authenticator device. I just logged into the website on a new browser instance and when it asked me for my 2FA code, before I could get my app launched on my phone, Evernote texted me my code. I just checked my account security and Text is not checked, but the app is. Why would Evernote text me this? I had not failed to authenticate, nor had I asked it to use a backup method, which for me would be my backup codes I have saved, not text. Seems to be a security issue with Evernote's servers. @Rich Tener
Problems with Two-step authentication: I want to use Google authenticator only, but I receive SMS every time (I've selected Google Authenticator) In Evernote desktop (windows) I must input verification code every time I log in. It's annoying. At least we should have some time delay (30 days, half a year, 1 year ...)
I noticed that it doesn't seem possible to remove the primary phone number while two-step verification is enabled. Unfortunately, that weakens the security of two-step verification, even when using an authenticator app. This Wired article provides a great overview of the weakness of SMS-based two-step verification and its vulnerability to "sim swap" type attacks: https://www.wired.com/2016/06/hey-stop-using-texts-two-factor-authentication/ I'd love to see the ability to remove phone numbers as an override for authenticator-based two-step verification. I'd also love to see Evernote adopt the U2F protocol for improved two-factor security: https://www.yubico.com/solutions/fido-u2f/
Sorry if I am in the wrong area but I tried to sign into my account and it gave me the option to contact support (as I have Evernote Premium), I sent the message but it never fully loaded and sent, so I refreshed and tried again. No dice. So I closed my browser, evernote, everything, still no luck. My username is likwidsolutions with the email firstname.lastname@example.org and I know the PW but the TFA code is being sent to my old phone number via text, which I forgot to change before I changed my phone number. After this I plan to go back to using Authy, that way I can save my TFA to 1 account. If there is any info that I need to contact customer support as a premium member than the method I tried I'd appreciate the help. Or if an admin sees this and can help me out (I had to create this account just to get in the forums). I would like to keep my account so I don't lose my notes, and because it's a premium account