I already SN paid plan and was thinking of making use of its 2fa feature. I’m planning on making a new account, share my subscription with it, and using it solely for 2fa. Should I go with it? Michael Bazzell once mentioned it in his podcast and that’s where this idea stems from. Sounds good to me, but I wanted to make sure I’m not missing any caveats or such here. Thanks.
I see no issue with you using it this way.
But Ente Auth would be a much simpler and easier option to have for 2FA as it’s built for it.
The only advantage SN would have here is that if you don’t want to use your phone to save new tokens but only want to use the web version all the time to save and view and manage your 2FAs.
The con to this option is that you’ll have to keep paying for it for as long as you want to use all its premium features. And SN is not cheap. But if this is not an issue for you, then by all means use it.
1 Like
One thing I’d recommend is that you set up secondary multi factor options for SN to login, such as email or security key. In my 5+ years of using it, I’ve been randomly logged out more times than I can count and if you are only storing your 2FA codes in SN, you could end up locked out without a second device logged in.
You seem to be experiencing some sort of sunk cost fallacy.
I think Aegis is a better choice. Use the right tool for the right job.
Ente Auth is cross platform making it a no brainer. There’s also a web version with a view only option which is useful if you end up losing all your devices and your backups.
I have used SN a bit for 2FA and plan to move more items over. Works well for me.
1 Like
I do use Ente Auth but without account, and was thinking of moving to SN due to the reason you mentioned, as I don’t want to get locked out of my accounts in case I lose my phone.
I think same can be done with Ente too, but my first impressions aren’t great with them on account of their mail going to spam when I first tried to sign-up and all. I’m already paying for SN, so may as well. Thanks
Can you elaborate more on this? My general use case would be to keep it logged off until I need it, without any 2fa attached to the account in case I lose my device. I’m willing to take the risk instead of getting completely locked out
Unfortunately it’s Android only, and not available on iOS.
1 Like
Just what you mentioned here, if you plan to use it for your 2FA codes, you either need to leave it secured with just a password and no second factor or have to have your recovery codes saved somewhere outside of SN so you can use them to access your account in the event you get locked out or something.
Considering it’s online functionality, I would recommend using a second factor like a security key as having your 2FA codes compromised basically leaves all your accounts with single factor access if they were compromised.
1 Like
In my view, using Standard Notes solely as a 2fa app is, first and foremost, a waste of money.
Though, even if you utilize its premium note-taking features, using its 2fa plugin is janky compared to a dedicated 2fa authenticator app. And not taking precautions to locking yourself out of your accounts is just asking for trouble.
Does Bazzell offer any reasons for him preferring Standard Notes as a 2fa solution?
1 Like
Please use an authenticator app like Ente or Aegis. Standard notes as its name suggests is a notes app not an authenticator app. And lacks many features that other authenticator apps can provide. I never really understood the idea of adding authenticator functionality in a notes app… A notes app can be a productivity tool with other features like ToDos, collaboration, saving files etc., but an authenticator?
I don’t really remember honestly. He mentioned it in one of his podcasts episodes, I’ll have to check them again to see
Can you elaborate on the features it’s missing?
Grouping, custom icons, bulk export. A nice UI. Apart from saving 2FA these are the only things that I care about in a 2FA app. I really think you should use a standalone app for this. It’s one of the most important parts of your account security setup.