Jump to content
DrSnap

(Archived) Encrypted notes in the Note History

Recommended Posts

Hi,

 

I have a question:

 

how does EN deal with notes that have encrypted section when doing the History (versioning).

If a text was un-encrypted at one point in the history will it be available through accessing the Note History?

 

i.e. if someone with bad intentions comes to my note with an encrypted password can he just go to the Version History and if he's lucky find the unencrypted first verion of that note?

 

thx

:DrSnap

Share this post


Link to post

Bearing in mind your hypothetical bad person is already through your device password and your account password by this stage,  I'd assume s/he was pretty intent on getting into your data.  Anyone that keen is going to get there one way or another,  and s/he only has to know the pass phrase to get there directly.  But as far as I know if they do step back into the history of your account (assuming it's a Premium account) then you'll see anything that was synced with the server prior to encryption.  If you make changes to the content after encryption they are presumably secure,  and if you really want to belt-and-braces protect something it might be a good idea to type a couple of words at the beginning and end of several carriage returns and encrypt the paragraph,  then create your encrypted text outside Evernote and cut/paste it into your pre-prepared area,  and then exit the note and sync.

 

None of that is tested by the way - please verify the outcome in your own client before shouting at me!

 

It's not,  as I've said,  a feature I rely on heavily - if you do test any of this out please let us know what you find..

  • Like 1

Share this post


Link to post
It's not,  as I've said,  a feature I rely on heavily - if you do test any of this out please let us know what you find..

 

Well Tested it. First I had a password encrypted then i decrypted it (to change the passphrase) but during that time it got synced for the version history. and then I encrypted it again. So now one plain text version can be found in the second last version in the history..

The plaintext version can't even be deleted! So all I can do, is to delete the note completely paste it into a new one and start a new version history. Not ideal...

 

That "bad person" could be somebody using my computer from time to time or the computer with access to a shared notebook. So it is a concern!

Share this post


Link to post

 

It's not,  as I've said,  a feature I rely on heavily - if you do test any of this out please let us know what you find..

 

Well Tested it. First I had a password encrypted then i decrypted it (to change the passphrase) but during that time it got synced for the version history. and then I encrypted it again. So now one plain text version can be found in the second last version in the history..

The plaintext version can't even be deleted! So all I can do, is to delete the note completely paste it into a new one and start a new version history. Not ideal...

 

That "bad person" could be somebody using my computer from time to time or the computer with access to a shared notebook. So it is a concern!

 

 

The "ideal" is to use a true password manager like 1Pass, Roboform, LastPass, etc.

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...