Evernote was hacked over the weekend, exposing users emails, usernames, and encrypted passwords. Although the stolen passwords were encrypted, Evernote erred on the side of caution and required all of its users to change their passwords. The company has remained very transparent by sending out a detailed email about the attack immediately after it happened.
Today, the company has announced that it is hard at work to get a two-factor authentication system for its service. Evernote spokeswoman, Ronda Scott, wrote to Information Week saying the company was already “planning to roll out optional two-factor authentication to all of our users later this year. We are accelerating those plans now.”
Two-factor authentication is a log in system where you need two ways to prove your identity. An email or text message sent with a randomize code could be part of that two-factor authentication system. This follows in the footsteps of companies like Google, Dropbox, and Facebook, who already have this type of security system in place. Twitter has considered implementing this system for its service, but has yet to announce any concrete plans.
Although a two-factor authentication system won’t prevent Evernote’s servers from being hacked, it will make it much more difficult for hackers to gain access to users’ accounts.
If you haven’t changed your Evernote password yet, you will be asked to do so when you try to log in on the web or mobile app.
Source: Information Week
