Is your data secure in Evernote?
Evernote has a very detailed security page, and among other things they talk about how they encrypt your data in transit (when uploading and downloading) and they talk about how you can encrypt text within a note.
There is one notable exception: they don’t talk about encrypting the files you save in Evernote. This is because, at present time, data is stored in Evernote unencrypted.
Hopefully that will change someday, but at the time of writing you need to take matters into your own hands.
Encrypting Text Inside A Note
The “official” way to do encryption in Evernote is to simply encrypt any sensitive text in a note. This is easily done in the Evernote UI:
Step 1: Select the text you want to Encrypt.
Step 2: Right-click and choose Encrypt Selected Text.
Step 3: Make up a passphrase that you will later use to decrypt this text. Note: This phrase is never sent to Evernote’s servers, and they have no way of retrieving it for you. If you forget it, you are out of luck.
Step 4: Your text will now show as encrypted in Evernote. To decrypt it, click it and enter your passphrase from Step 3.
Encrypt Documents Before Uploading Them To Evernote
As mentioned, Evernote doesn’t give you a way to encrypt your files. If you’re using Evernote for going paperless, this means that if you want your PDFs encrypted, you need to do it before uploading.
There are free tools on Mac and Windows to do this. On the Mac, you can use the included Preview application. On Windows, you can use PDF X-Change Viewer to do the job.
I describe how to do this in detail in my Paperless Security Guide.
One thing to note about this: if your PDFs are encrypted, this means that Evernote can not index them and therefore it cannot search the contents. It’s up to you whether you wish to trade off searchability for security.
Encrypting Your Evernote Database
In previous versions of this post, I described how to encrypt your local Evernote database on Mac (using a symlink to an encrypted sparse bundle) and Windows (using TrueCrypt). I personally do not do this anymore, as Evernote keeps changing how they store things.
There is an interesting-looking project called SafeRoom. It allows you to encrypt/decrypt notes in Evernote notebooks, including those with PDF attachments. There are even mobile apps.
Here is a thread on the Evernote forum about SafeRoom if you want to follow along with the project.
Do you have any other methods you use to encrypt Evernote? Let us know in the comments.