Following a major data breach which caused Evernote to reset all of its near-50 million users’ passwords, the company has revealed to Information Week that it had already planned to “roll out optional two-factor authentication to all of our users later this year,” but now those plans are apparently being accelerated.
Three days ago, Evernote revealed that some of its user’s data had been accessed – including usernames, email addresses and encrypted passwords. The company has since won praise for its handling of the issue, being transparent with its details and wholly careful by enacting a full password reset. Evernote has also been criticized for using the MD5 cryptographic algorithm to hash passwords, which according to Information Week is apparently easy to crack.
While Evernote has yet to detail how its two-factor authentication will work, it will involve an extra step aside from typing in your password, like having to enter a random pin sent as a text message to your phone.
Apple, Microsoft, Facebook, Zendesk and Twitter have all been hit by hacks lately, although there is no suggestion at this point that the events at Evernote — or any of the others — are directly connected.
Image credit: Emma Weber