Add support for hardware keys (U2F/FIDO2) MFA

talya

Currently the only available method for Multi-Factor Authentication is TOTP (6 digit codes from MFA app). While this is great, TOTP can still be phished. Additionally, they can often be somewhat inconvinient, as you need to have your phone nearby when you authenticate.
I think that both for security and convinience, support for hardware keys, such as the YubiKeys, is a must.
The best way to go about it is probably with FIDO2, which is the latest standard for such keys. Support for the older U2F is probably a good idea too, to support legacy devices.

Mathilde

Hello @talya,

Thanks for describing your feature request here! It would be super nice to have FIDO2 and U2F support in our 2FA implementation. We could also maybe support Passkeys.

Sadly we don't have any funding for this at this time. Hence, it's not on our short/medium therm roadmap. While we won't forget about this, it's unlikely we'll be able to develop the needed implementation anytime soon.

Hope you'll understand.