The war between security and convenience


iOS diagnostic services, their uses and protections, outline by Apple in response to 'backdoor' allegations


New and updated apps: Capo Touch, Lingua.ly, Documents 5 and more!


Apple: No backdoors created for NSA


Apple blocking older versions of Flash after yet another security exploit


UK government set to rush through emergency surveillance legislation


UK officials follow US counterparts by banning electronics with no charge from boarding flights


Apple's security lock adapter will chain your Mac Pro to your desk


Not only is Yo stupid, it's now also a security risk


Best note-taking apps for iPhone and iPad: Evernote, Drafts, Vesper, and more!


Apple confirms iCloud breach not the reason behind Apple ID hijack


Bizarre Australian iPhone, iPad hijack serves as yet another reminder to use unique passwords


Using strong passwords and keeping your online self secure


New cases promise to protect your iPhone from hackers...somehow


First smartphone 'kill switch' bill in the US passed by… Minnesota


Bitly alerts users of widespread account compromises, claims no accounts have been accessed


Evernote and LinkedIn partner up to scan business cards


Apple is aware of iOS 7 mail attachment bug, working on a fix


Best apps for accountants and CPAs: Scanner Pro, 1Password, Dropbox, and more!


John McAfee's Chadder aims to keep your crazy messages private

Evernote forces password resets after discovering suspicious hacking activity

Evernote forces password resets after discovering suspicious activity

Evernote, the popular cross-platform note-taking service, has issued a global password reset for all users following the discovery of suspicious activity described as a coordinated attempt to gain access to their system. In an email sent out to users by the company, Evernote said:

The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts, and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)

While our password encryption measures are robust, we are taking steps to ensure your personal data remains secure. This means that in an abundance of caution, we are requiring all users to reset their Evernote account passwords. Please create a new password by signing into your account on evernote.com.

After signing in, you will be prompted to enter your new password. Once you have reset your password on evernote.com, you will need to enter this new password in other Evernote apps that you use. We are also releasing updates to several of our apps to make the password change process easier, so please check for updates over the next several hours.

You can also read the Evernote Blog post on the issue for more.

This is only the latest such disclosure from a major online service provider. If you're not already, make sure you get a password manager app (I use 1Password, others like Lastpass, but there are many options). Then, make sure you have unique, robust passwords for every service you use. It might seem like a pain in the ass, but having your accounts compromised can be a nightmare. So do it.

If you're an Evernote user, go change your password now.

More: Evernote Blog

Rene Ritchie

Editor-in-Chief of iMore, co-host of Iterate, Debug, Review, The TV Show, Vector, ZEN & TECH, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.

More Posts



← Previously

SIMPLcase aims to make multi-SIM iPhone traveling a breeze

Next up →

Lightning to Digital AV adapter could be pushing lower res H.264 because it's not yet capable of streaming raw HDMI

There are 3 comments. Add yours.

GlennRuss says:

Their servers must be slammed. I cannot log in at all to change my password. What a mess.

SockRolid says:

The password change process was pretty straightforward. Whew.

Some day I might actually use the app. Installed it, signed up, had it for over a year, and have never used it.