
Support two factor authentication, totp at the minimum - DOS#6223


This is huge please don’t implement sms based as vulnerable to hijacking. Please allow Google authenticator/ authy / Aegis.
Scrolled too far to find this suggestion xD
Agreed SMS is done, Google is phasing it out. TOTP is the minimum now, though not very user friendly. I see providers using magic links and passwordless more and more.
Any MFA is a welcomed addition, thank you!
Skip all the rest and go straight to passkeys.

I will burn this place to the ground if it’s “passwordless, sign-in link in an email”.