This has been discussed a lot on github and on this forum.
If someone has physical access to your machine/device, you have much bigger problems. Joplin will be the least of your problems.
Even, if you were to have a login to the Joplin app, the data would still not be encrypted on your local disk.
On the other side, there are options to make it highly secure locally. But please note - security always has the drawback of adding complexity to your workflow.
You could create an encrypted container (TrueCrypt, VeraCrypt, luks, cryptsetup, …) and place the Joplin files in the container. Then you have to create a link from your default profile directory to the container.
That’s pretty much it.
I don’t know how evernote stores the data on your local device, but Joplin does so in clear text.
If you search this forum, you will find endless discussions on this topic, where the developer also explained the reasoning.