Note-taking service Evernote announced a breach on their network today, and has instituted a service-wide password reset. Here’s what you need to know.
Evernote’s security was likely breached sometime in the past week, and attackers were able to take user information including usernames, email addresses, and encrypted passwords. Evernote says there is no evidence of payment details being compromised. User passwords are stored hashed and salted, which means stronger passwords are safer than weak ones, but Evernote has instituted a mandatory password change for all users. You won’t be able to change your password from the Evernote app; instead, you need to head over to evernote.com and sign in. After signing in, you’ll be prompted to change your password, but you should do it as soon as possible to be safe.
As always, if you used your Evernote password on any other site, you should change all your passwords now that it’s been compromised. Check out our guide to auditing and updating your passwords with LastPass for our recommendations on how to proceed.
Security Notice: Service-wide Password Reset [Evernote Blog]
Leave a Reply
You must be logged in to post a comment.