Printed from http://www.electronista.com

Evernote adds two-step authentication, access management to accounts

updated 02:18 pm EDT, Thu May 30, 2013

Bolstered security follows large-scale attack on Evernote servers

Evernote has added three new security features to help its users keep their accounts safe. The inclusion of two-step authentication, access history, and authorized app management comes two months after the note-taking service suffered an attack by hackers, which forced the company to reset all passwords for its near 50-million user base.

The authorized applications list in the account settings will list all applications that have access to the Evernote account, and will allow the user to revoke access at any time, forcing the account password to be re-entered the next time it is used. The access history page will show a running list of all times the Evernote account has been accessed in the last 30 days, including IP addresses and estimated location, which the company blog states will help prove if an account is accessed without the account holder's knowledge.

The third item, two-step verification, is available to Evernote Premium and Evernote Business users at the moment, and will not be usable by free Evernote users until the service feels "comfortable with our ability to support a wide audience." Users can choose to have a six-digit code sent to their mobile phone over SMS, or use an app such as Google Authenticator, which must be entered in order to log in. Third-party applications that connect to the Evernote account will still be able to access once an Application Password has been created specifically for it within the account management system.

The additional account security measures by Evernote is the latest in a long line of similar maneuvers by tech companies. Microsoft, Twitter, and Apple have all activated two-step authentication in recent months, and it is likely that other large services will bolster their security processes in the future.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. daqman

    Junior Member

    Joined: 09-15-00

    It's "Two Factor" not two step. Depending on which method you chose there can be many steps, for example launching google authenticator and copying the code from one device to another. It sounds pedantic but "two step" makes it sound a bit easier than it really is.

    There was a "Catch 22" in the setup of Google authenticator. I was reading the setup webpage on my iPhone and the instructions included a QR code and the text "scan this code with your iPhone, a bit tricky that. Maybe I could use two mirrors?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Asus Chromebook C300

When Chromebooks hit the market back in 2011, consumers didn't know what to do with them. The low-cost laptops, powered by Google's Ch ...

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a fort ...

Sponsor

toggle

Most Commented

 
toggle

Popular News