Hacker News new | comments | show | ask | jobs | submit login

The point that the folks over at Evernote are really missing is that Joe Average is using the very same credentials everywhere else, from their Gmail to the Amazon accounts. If Evernote where sensible about security of their users, they would have explained why it is indeed a bad and common practice to use the same password everywhere, as it is a certain way to get your online identity hijacked sooner rathre than later by means of a breakin like this one. It is good to know that passwords have been stored salted, but nevertheless, eventually these credentials are now compromised and if Evernote where sensible about this they would have told their users to reset their password whereever they use the same one, which is probably lousy marketing compared to "hey, we got your password stolen, but don't worry, it was encrypted".

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact