Evernote planning two-factor authentication following hack

Note-taking company Evernote has announced that it will offer two-factor authentication in the near future, after suffering a major data breach last week.  

Evernote confirmed the news to InformationWeek, saying: "We were already planning to roll out optional two-factor authentication to all of our users later this year. We are accelerating those plans now." 

The security news comes after Evernote notified its 50 million users over the weekend that it was resetting passwords after its databases were hacked. The infiltrators got access to user information, including usernames, email addresses and encrypted passwords. At this time, it doesn't appear any payment info or unprotected passwords were taken, thanks to the company's "robust" password encryption.  

Evernote didn't offer specifics as to when the new authentication feature would be available. It's worth noting that several other web services offer two-factor authentication, including Dropbox, Facebook, and Google. For those who aren't familiar, a two-factor system means you have to enter both a password and verification code when logging in.


A few of us here at Pocket-lint use Google's two-factor feature and find it to be a great way to keep out anyone who may wrongly find our password. Many of the services use text messaging to send a six-digit code for logging in.

Evernote's hack came shortly after Apple, Facebook, Microsoft and others reported similar infiltrations, though not as serious. Apple's statement on the matter said: “There is no evidence that any data left Apple.” The string of hacks is believed to originate in eastern Europe.



>