What to do if you suspect unauthorized access to your Evernote account

If you become aware of suspicious activity in your Evernote account, take the following steps to secure it.

1. Change your password immediately

Go to the Security Summary page in your account settings and click Change password. While there, confirm that the email address on file is up-to-date so you don't miss any important email communications from Evernote, or in the event we need to verify your account.

Use a different password on Evernote than any other site you log into. That way, if someone learns your password on another site, you won’t have to worry about them also being able to access your Evernote account. Avoid using simple passwords that could be looked up in a dictionary. Instead, choose a complex password that is at least 8 characters long and contains a mix of uppercase and lowercase letters, numbers, and special characters. Equally good is picking a phrase that is at least 20 characters long. A password manager can make both of these easy to do. We suggest using one.

Remember to keep your account login information private. An Evernote employee will never ask for your password.

2. Set up two-step verification

Go to the Security Summary page in your account settings to enable two-step verification. Two-step verification provides an additional layer of security and can protect your account even if your password is compromised. Learn more >>

3. Revoke access to any unauthorized devices and applications

Go to the Devices page in your account settings to review the devices with access to your Evernote account. Check for any devices that don't belong or you don't use anymore and remove them. Learn more >>

Go to the Applications page in your account settings to review applications that are authorized to access your account. Use the "Revoke Access" function to remove any undesired or unauthorized applications.

4. Review the access history for your Evernote account

Go to the Access History page in your account settings to review the log-in history for your account. You can view the devices and IP addresses that have logged in to your account for the past three months to look for suspicious activity. Learn more >>

5. Encrypt sensitive text inside your notes

When you encrypt text in a note, a separate password will be required to view the text, even if someone, including you, has access to your account

5. Secure sensitive information

If you stored any sensitive data in your account like passwords, credit card numbers, or cryptocurrency keys, you should consider changing them to stop or prevent misuse

Keywords:

hack

hacked

someone in my account

account compromise

comprimise

compromise

security

secure account

lockdown account

lock down account

account stolen

stolen account

using my account

hacker

unauthorized

new login detected

LANGUAGES_PRODUCT

Updated

Was this article helpful?

11123 out of 15558 found this helpful

Have more questions? Submit a request