@mirbs Even if your account was compromised, it would be impossible for someone to access your vault via Obsidian Sync without the encryption key. This can be an extremely long passcode that only you know. That being said, I would still appreciate having to authenticate using 2fa after typing in my encryption key. Or possibly, an email when the vault is accessed would be nice.