Good news for anyone who really likes thinking up passwords! Nearly ubiquitous note taking app Evernote got hacked. The Evernote team says the information the hackers got was limited to user information like usernames, email addresses, and passwords. Evernote is taking steps to keep this kind of thing from happening in the future, but they’ve also released a few standard tips on keeping your password safe, and making everyone reset their password.
It feels like only yesterday that I started using Evernote after years of having it installed, but instead still relying on the default note apps on my phones. It feels that way because it was yesterday when I started using Evernote. Shortly after making my grocery list, Evernote informed the world of the security breach. Lucky me.
In the blog post announcing the security breach Evernote was quick to point out that no payment information like credit card numbers for Premium members was access, nor was any content stored on their servers compromised. Good. I’d hate for hackers to see that I put Nerds on my grocery list. That’d be embarrassing.
In the blog post the Evernote team calls the move to have all users reset their password “an abundance of caution.” They call their password encryption system “robust” and assure users that they work constantly to improve it. They also give users the following tips for creating a new password.
- Avoid using simple passwords based on dictionary words
- Never use the same password on multiple sites or services
- Never click on ‘reset password’ requests in emails — instead go directly to the service
Pretty standard stuff, but with the rash of high profile hacks lately, they’re tips that seem to bear repeating. If you’re an Evernote user you’ll have to reset your password the next time you log in, regardless of how long you’ve used the service.
(Evernote via Engadget, image via micamica)
- I guess no one told Burger King “whopper” was a terrible password
- You can pretend to hack Burger King with @PretendBK
- Obama mentioned an executive order on cybersecurity
