I like Evernote. It is multi-platform, convenient and supported by many software. However there is one feature that bugs me a lot. It has almost zero security.Tech savvy user can open your database and see your notes if they are sitting on your computer. Any simple sqlite reader can read the database. You can protect yourself against these attacks by encrypting your notes. However after you logged in and minimized Evernote, it doesn’t ask you password again when you try to open it again. Evernote has a PIN feature in its mobile clients. I just can’t understand the logic why they don’t add PIN feature to Windows version. I at least want to have some kind of security. Therefore I added PIN feature to Evernote.
Patch adds new DLL(EverPin.DLL) to import table of Evernote. When Everpin.dll is loaded by Evernote, Everpin.dll hooks ShowWindow api. Whenever ShowWindow is called with handle of main window and SW_SHOW parameters, our PIN dialog is shown. Everpin.dll is based on the code of Daniel Pistelli’s nthookengine When you patch Evernote with my patch, Evernote will ask your PIN whenever you maximized it from the tray. Default PIN is “1234” and can be changed later on easily. PIN is stored in EverPin.txt as SHA-1 hash. I don’t have much time therefore Patcher is coded as command line application. I may revise this topic and add GUI for command line disabled audience🙂
How to Patch
1. Unzip Evernote.zip to your Evernote folder.
2. Open command prompt and change directory to Evernote folder
cd %PROGRAMFILES(X86)%\Evernote\Evernote if your windows is x64
cd %PROGRAMFILES%\Evernote\Evernote if your windows is x32