Verified purchaser
Letterly has a critical security Issue: there is NO protection for you account and Data!
I love Letterly and really hate writing this review.
I am the IT Security Manager in our company of about 1000 employees (but i use AppSumo only for my spare time work for non-profit ogranisations) and unfortunately Letterly is grossly negligent and NOT secure:
The starting point:
By now the whole planet knows that email is not secure: You can find hundreds of millions of hacked email accounts on the darknet - so they are pretty easy to hack.
The risks with Letterly:
1. If a hacker has access to your email address, they can get YOUR Letterly licence code. They can misuse it and delete your registered devices.
This becomes a nightmare: as long as a hacker has access to your emails, they can misuse Letterly. If your smartphone or computer is infected with malware, you will no longer be able to use Letterly because Letterly does not allow customers to set a login password and simply set a new password if you have been hacked.
BUT IT GETS MUCH WORSE:
2. If the hacker has access to your emails, he can also access Letterly's web application WITHOUT a password. This means:
❯ The hacker sees ALL of your notes.
❯ The hacker can read, copy, modify and delete your notes.
Not a single Letterly customer wants this 100%.
Ilfat_Letterly
Aug 26, 2024Hi there! Thanks for taking the time to check out and evaluate Letterly.
We're a bit puzzled about the issue you're experiencing. If someone has access to an email, they could potentially access any service linked to that email, like Notion, Slack, or other secure platforms. And a password won't help in this case, because you can always click "Forgot your password." The possible solution to your problem might be two-factor authentication, but we know that, for example, only 2.5% of Twitter users have opted for 2FA.
Security is a top priority for us, and we put a lot of effort into it, including third-party audits to ensure we're on the right track.
We'd really appreciate it if you could let us know what you see as the difference between our email authorization and that of other services and what you think we could do differently. We are open to discussing this and improving. Just email us at [email protected].
On a personal note, I want to say that I completely understand your concerns. Working in a specific field makes it hard to avoid a certain professional bias, and as an IT Security Manager, you evaluate anything related to your work very strictly and meticulously. Thank you for that.