Many people find it convenient to store passwords in note-taking apps like Evernote or Apple Notes, but this practice can be a security risk. Let’s take a look at why note-taking apps are high-risk places to store sensitive data—and the best ways to store your passwords.
Why is storing passwords in a notes app a bad idea?
Many people write down passwords in plain text—on sticky notes or in smartphone apps—for convenience. In fact, about a quarter of us store passwords in digital notes or documents, according to data from the Pew Research Center.
Unfortunately, that convenience comes with serious security risks, as the primary purpose of note-taking apps is not to protect sensitive information, leading to a number of cybersecurity vulnerabilities. The biggest of these is the fact that most common note-taking apps are not automatically encrypted.
The lack of encryption leaves you at the mercy of your device’s security. If your phone or laptop is lost or stolen (or simply unlocked in the wrong hands), all of your passwords are instantly exposed.
While you can lock your entire phone with a passcode or biometric lock, if your notes are synced to the cloud and someone gains access to your cloud account by breaching the provider's security or defenses, they can completely bypass the device's security. If that sounds impossible, consider that Evernote, for example, once had to reset 50 million user passwords after its database was breached.
Even "encrypted" notes aren't secure enough
While some note-taking apps offer encryption, it's typically not as strong as what's found in password managers. For example, Apple's Notes app allows you to lock notes with a passphrase, using end-to-end encryption with AES-GCM.
Not all note-taking apps offer this level of security, however. Evernote’s encryption, for example, is more limited: It allows you to encrypt text in your notes using AES-128, but this requires you to do it manually for each sensitive piece of text. More importantly, Evernote’s standard storage isn’t end-to-end encrypted by default, so the company theoretically has access to your data on its servers. Certainly not the best way to store passwords.
In addition to weak encryption, note-taking apps lack many essential password management features. For example, they lack secure password sharing; automatic password generation to create strong, unique passwords that match a site’s specific requirements; and they don’t provide breach monitoring alerts to notify users when their stored credentials appear in known data breaches.
Last but not least, they can't autofill login forms on websites, so you have to manually copy your password to the clipboard, and there are quite a few types of malware designed to monitor and steal clipboard contents.
Secure Alternative: Password Manager
At this point, you might be thinking, “Okay, if I don’t have to use my note-taking app, what’s the best way to store my passwords ?” The answer is to turn to a password manager. Password managers are apps specifically designed to securely store your passwords (and other private information). They encrypt everything with a master password (or passphrase) that only you know, and come with convenient features like autofill, strong password generators, and sync across multiple devices.
Here are some of the top password managers that the article recommends, based on different needs and personal experience using them.
What is the order to watch Attack on Titan is a question that many people are interested in. This article will tell you how many parts Attack on Titan has and how to watch it.
If you love Thailand and want to learn Thai, the first thing you need to do is get acquainted with and memorize the Thai alphabet.
OpenAI has officially introduced three new models: GPT-4.1, GPT-4.1 mini, and GPT-4.1 nano. These models come with a massive context capacity of up to 1 million tokens and a knowledge limit updated until June 2024.
You have the survey results in hand but don't know how to present them? Don't worry, this article will guide you how to present the survey in PowerPoint, Google Slides.
Sight words are short, common, “easy” words that young children can learn to recognize by seeing them (rather than sounding them out). Here are the first English sight words that children should learn.
The latest example of this is the sale of the Simple Mobile Tools suite to ZipoApps, turning once-useful Android apps into potential privacy risks.
The reclusive Marubo tribe in the Amazon jungle was connected to the outside world by Elon Musk's Starlink satellite internet service nine months ago. However, the emergence of this technology has brought unexpected consequences.
Discover the vibrant social scene of baccarat on Tedbet, where players worldwide connect, chat, and enjoy the excitement of live dealer games.
Topping the list of the world's deepest lakes is Lake Baikal, at 1,642m deep, containing one-fifth of the planet's unfrozen fresh water reserves.
The newly discovered galaxy is named JADES-GS-z14-0.
Microsoft Edge browser has a hidden Circle To Copilot feature, circle something to search on Copilot like with Samsung's Circle to Search feature.
Kungfu Hero Code gives players Kim Nguyen Bao, EXP Pills, Summon Chests, Speed Up Tickets and many other rewards.
The research tool in Excel is activated by Alt + left mouse button. If you do not need to use research in Excel, you can completely disable this tool according to the instructions below.
The US Naval Research Laboratory (NRL) has successfully transmitted 1.6 kW of wireless power over a distance of 1 km using microwaves.
Scientists have discovered a new climate phenomenon similar to El Nino, which could cause temperature changes across the Southern Hemisphere.
