Evernote Resets Everyone's Passwords After Intrusion

After detecting a coordinated intrusion into their network, Evernote forced a system-wide password reset today. The attackers were able to access Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords

Evernote's security team has detected a coordinated attempt to gain access to secured areas of their systems. So as to be safe, rather than sorry, they have forced all users to reset their passwords before proceeding to use the service.

Evernote Resets Everyone's Passwords After Intrusion

New password? What new password?

I noticed this myself this morning when I tried to load up Evernote on my Mac and got a message that my password had changed and that I should enter the new one. This left me confused as I had not reset my password.

Then I noticed a post on Facebook from Evernote, which I received because I had Liked them, noting the system-wide password reset and linking to the blog entry on their site to which I liked just above. Other people also found the mechanism the company used confusing.

Read the full article here.

Larry Seltzer is the editorial director for BYTE, Dark Reading, and Network Computing.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.