
[Feature Request]: Notebook Lock on Local Client


Carpe Diem


Can we please please please have the ability to password-protect an entire notebook on the local Windows client so that anyone who gains access to the program on the computer (other than the owner) isn't able to access private sensitive information? How difficult can this feature be? I know there's the ability to encrypt certain parts of a particular note, but it's much easier to have a "Daily Journal" kind of notebook where the most intimate thoughts are expressed without having to encrypt every single one of them after writing.. It's such a hassle. Automatic encryption at the point of creation for any new note within that notebook would really be a great handy feature, and one that I'd think isn't really all that complicated to implement. Do you think you could do that?

 

The program is always open and accessible on my laptop, I want to feel a higher sense of security than that offered by requiring me to always lock my Windows user. What if I once forgot the user open and my teenage daughter started reading some of these entries that she's not supposed to? Please help.

Link to comment

Upon searching the forum, this feature request has been made over and over for YEARS and by countless other people. I really find it strange that the Evernote team can ignore it for so long! They're normally very keen on making the product of higher value to the highest number of people. Is this because of a technicality? I seriously doubt that it is technically impossible.

Link to comment

Evernote (and many other apps) leave the security of your computer to the user. If you want your local EN database not able to be seen by others using your computer, then there are several options covering various levels of security. IE locking your computer, having separate logins for others using your computer, putting your EN database in an encrypted container, etc, etc, etc. I don't know why EN should be responsible for security on your own computer...

Most of the other threads are discussing synced notebooks that are synced to & reside on EN servers. That's a whole different ball of wax.

Link to comment

By the same logic, anyone can argue that the in-text encryption that your client offers is not all that necessary.. Nobody should be able to look at the user's notes but herself, leave security of the computer to the user, she shouldn't need to encrypt any part of any note.. I really don't understand why you can offer the feature on the in-text level and not be able to do it with notes and notebooks.. I might not be the most tech-savvy person, and there might be more to it technically, but logically this is the same function but on a higher level. The argument against it didn't make much sense since it already exists

Since the client opens up access to the database (for anyone not familiar with direct database manipulation), it is the responsibility of the client to control that access as well. The user can't control the design of the program. You do!

The tablet app already offers pin lock even though you can argue that we should leave the protection of the iPad's data to the owner. He should lock the iPad before leaving it. Why then add a PIN to the app. It's the same concept. It's called multiple levels of protection. Defense in depth, if you will.

And let's say that I do take my best measures to keep my computer safe. Who's to guarantee that other ball of wax that you speak of? What if I want that entire notebook to stay encrypted even on the server itself? Still unconvinced.

Link to comment

 

 

First, this is a user's board.  Unless the profile says employee, we're all just users like yourself.

 

Second, if all the notes were securely encrypted (which means EN would not have access to the encryption key), then EN would not be able to OCR/index your notes.  That is one of Evernote's niches.  If you simply want to put stuff in the cloud with no OCR/indexing & have it encrypted, there are other, better options.  FYI, I never use the EN text encryption feature.  However EN includes it & whatever is encrypted is never OCR'd/indexed.  And you'd better never forget the encryption password b/c if you forget it, EN will not be able to provide it for you & your data will be lost.

 

Third, each user definitely has control over the security of their computer.  If the user has any sensitive data on their computer, it is up to them to educate themselves on security & secure that data. If you have something on your computer you don't want your teenaged daughter to see, you need to use one of the aforementioned options (or another option that may not have been mentioned.)  Or, simply don't have it on the computer.  IOW, it's not just Evernote that I don't want others to see but my email & Quicken as well.  You mention tablets having a pin lock, that's what different login accounts do for a desktop/laptop.  You can also add apps that will require a pin to use it.  Gameprotector is a free one I've used on Windows, in the past.  Most mobile devices & apps have PINs b/c a smaller device is more likely to be stolen/lost. 

 

The "other ball of wax" is if you put a copy of your bank statement that has your account number on it in an Evernote sync'd notebook & sync, the potential exists (it's slim, but it exists) that a hacker could get access to the EN servers & see that document.  The situation you are talking about is if someone accesses your computer either with your permission (daughter) or without (theft.)   These are two very different scenarios.   If a user is going to have sensitive information on their computer, then they need to educate themselves on how to secure that data as much as possible (nothing is hackproof) and find their comfort level for using a cloud.  Some people put their unencrypted passports in the cloud & others won't put anything in a cloud.  Most of the rest of us are somewhere in between. 

Link to comment

I guess what you're trying to say is that Evernote does have the ability to implement this (as do many other services), they just *choose* to ignore it despite the countless requests people have made as far back as year 1 (2008/2009).. People are smart and they're aware of the limitations that come with encryption.. they can manage to remember/handle their important passwords for their sensitive stuff, thank you.. Saying that there are better services out there that are able to do this doesn't really abdicate Evernote from trying a little harder to compete.. It's supposed to be an extension of our brains, our entire lives can sit in Evernote.. It has the capacity to be an "integral part of our life".. but apparently not, because according to the response above, they want us to split our note-taking use cases with their competitors.

 

Don't get me wrong, I love Evernote (or at least used to love it until the horrible freezing performance issues that came with their latest Windows client upgrade, but that's another thread).. I realize you probably won't change your mind about this feature's value to countless people, and it is not my intention to change another user's mind.. We want Evernote's actual employees to pay more attention. How many times does this need to be requested? So what if a user chooses to have some of the notes not be indexed/OCRed and only allow search on the local machine? Big deal! Nobody wants to put their notes in two different programs.. that's the whole point of having Evernote.. all of your important bits in one place.. one search function.. accessible from every conceivable platform.. That's the selling point, not super-imposed mandatory OCR. Give the users more options!

Link to comment

 

You seem to be combining several issues into one. 

 

Evernote is not trying to be a backup service or a password manager.  You say "they can manage to remember/handle their important passwords for their sensitive stuff, thank you".  Well the rule of thumb is to not use the same password for multiple logins.  IOW, the password you use for your credit card should not be the same one you use for your bank or even the same one you use when ordering anything from Amazon.  And they all should be strong passwords meaning many characters & a combination of letters & numbers.  I'm glad you are able to remember all those.  I cannot & use a true password manager for that (Roboform) b/c a password locked Word document can be hacked in less than two minutes.

 

Simply b/c a request has been requested "countless times" over years doesn't mean it's ever going to be implemented into Evernote.  It's Evernote's decision b/c it's their product & their livelihood on the line.  Additionally, some requests by users may be mutually exclusive to requests by other users.  IOW, Evernote (or any app) is never going to be everything to everyone.

 

I don't know how to be more clear on the various topics you keep melding into one.  So good luck with whatever options you choose.

Link to comment

I think the key thing is that this is not an entirely straightforward issue. 
 

Evernote is likely keenly aware of this request and why it would be useful. 

 

This feature may not be technically difficult to implement in its most basic form.

 

As you note, Carpe Diem, it is quite possible Evernote has simply chosen to not include this feature.

 

There are a lot of reasons why they might choose not to implement. BurgersNFries highlights some - It would preclude the use of server-side processing that many users rely on. Data will be permanently lost if the passcode is forgotten by the user. Data stored locally such as your Evernote Database should be secured by the user (such as by locking the computer and/or having individual user accounts on the computer) anyway regardless of whether it is encrypted or not, because that is just smart. It is also smart because other locally stored stashes of very personal information, such as your email correspondence stored in your Outlook/Mail.app database are also not secured and would be vulnerable to a local user snooping (yes, even if you don't store your email password in the application, all your messages are stored in a local database that can be accessed without your email password). 

 

There are some others. For mobile devices, these encrypted notebooks would have to be downloaded in their entirety to the device's local storage before they could be decrypted and modified (With the exception of notebooks that premium users choose to be available "offline", only note headers are downloaded). This could be taxing on the limited storage of most mobile devices, or impossible if the device has too little free storage. This could potentially mean that encrypted notebooks are inaccessible from mobile devices under some circumstances. Because the data are encrypted, even headers only couldn't be downloaded. 

 

I think that there are very good reasons to have encrypted notebooks. I think, technically speaking, it could be relatively easy to slap the feature onto Evernote. I think without immense care it would create a huge number of user experience nightmares, in fact, I think even if it were carefully implemented, it would still cause a lot of users grief. While some users might do their best to educate themselves on matters such as encryption and all that it entails, this won't always be the case, and even those that do will make mistakes. Some things are just plain challenging, such as mobile devices. 

 

So what does Evernote do? Do they choose to make encrypted notebooks not accessible on mobile devices? This would be confusing and undesirable.

If they were available, how do they handle the offline storage issue and the fact that, if the user has limited space, might not be able to access their notebook at all? Worse, what if the user didn't realize they were creating an encrypted notebook (or didn't know what that meant)? And that's just one of the potential challenges associated with it.

 

So, I can understand why Evernote might choose not to fight this battle, or they may in fact be fighting it, but fighting slowly in order to ensure that it is not an absolute mess for users to try and grasp when they do introduce it. They might simply see it as an issue of there being many other more suitable options for users who have very very sensitive data, and that they simply couldn't do it as well as those other options can. 
 

All I am suggesting is that it is not a clear cut thing. It isn't as easy as saying "it's essential, it's easy, let's do it", nor is it something to be dismissed entirely. 

Link to comment

Archived

This topic is now archived and is closed to further replies.
