This is the 2nd Time in Two Months that I have been notified by Evernote that I had a sign-in in a new device in a remote country. And I login to Evernote through my Google sign-in.
So evidently, someone can sign-in to sites I sign in with my convenient Google sign-in. And if I change my Google password, in time someone will figure it out and then sign in again.
What he can't do is change my password and leave me out of my own Google account, as any password has to be verified by a one time password sent to my mobile device.
Anyway, I think the hacker couldn't find any money to steal from data I have in Google and decided to sign in to my Evernote in the hope I store passwords there. He knows that by the time I'm alerted, he would have gotten valuable sign-in to my bank or credit card sites or PayPal. Well, sorry to disappoint him.
Since his intent is to steal money, he hasn't done anything else like send me ransom demands to get my data back. But this is something that could happen.
Anyway, Google can't be trusted anymore, even with keeping my sign-in secure.
I run a amall tight ship, but I'm not 100% sure it's tight enough. I stay away from many sites that dangle carrots, and I don't bite even when it's not a carrot but a stick I have to stay away from.
If something managed to get past, it would have to be a data logger malware.
This is the first or 2nd time it's happened, and if I just changed my Google password, and nothing else, I'm not going to stop a 3rd intrusion.
By the way, I have 3 kinds of passwords, and I try not to have too many.
First is Google's password.
Then a common password for sites that if hacked won't do much damage to me.
And then unique passwords for each site I deem have sensitive data or money.
I store all these passwords in an app that is not accessed thru the internet and only synced thru my own internal personal IP network, and the app is password protected.
So evidently, someone can sign-in to sites I sign in with my convenient Google sign-in. And if I change my Google password, in time someone will figure it out and then sign in again.
What he can't do is change my password and leave me out of my own Google account, as any password has to be verified by a one time password sent to my mobile device.
Anyway, I think the hacker couldn't find any money to steal from data I have in Google and decided to sign in to my Evernote in the hope I store passwords there. He knows that by the time I'm alerted, he would have gotten valuable sign-in to my bank or credit card sites or PayPal. Well, sorry to disappoint him.
Since his intent is to steal money, he hasn't done anything else like send me ransom demands to get my data back. But this is something that could happen.
Anyway, Google can't be trusted anymore, even with keeping my sign-in secure.
I run a amall tight ship, but I'm not 100% sure it's tight enough. I stay away from many sites that dangle carrots, and I don't bite even when it's not a carrot but a stick I have to stay away from.
If something managed to get past, it would have to be a data logger malware.
This is the first or 2nd time it's happened, and if I just changed my Google password, and nothing else, I'm not going to stop a 3rd intrusion.
By the way, I have 3 kinds of passwords, and I try not to have too many.
First is Google's password.
Then a common password for sites that if hacked won't do much damage to me.
And then unique passwords for each site I deem have sensitive data or money.
I store all these passwords in an app that is not accessed thru the internet and only synced thru my own internal personal IP network, and the app is password protected.