Passkeys are getting a lot of traction. I can now use them for everything from my Bank to my Pharmacy and even my PlayStation console. I don't think I'll ever get my family into using physical security keys, but the Passkey integration into Android, iOS and Windows is really slick. I have my fingers crossed.
very glad to have totp 2fa! i do wonder if changes to 2fa status should be a "send an email about this" action?
TOTP based two-factor auth is now live!
ooh very much would like passkey support
Just want to add to PromptCritical's comment about also wanting to have a "Via Email" option.
I do also like passwordless auth! Just not "MFA to email/SMS" (except as a fallback).
Honestly, both are good, so thank you regardless of which you pick!
internally, jae is a strong advocate for passwordless auth, but I'm a password + TOTP liker. long term, we'll do at least one of these, maybe both.
I would very much like a TOTP style solution.
I think with the recent push for passwordless auth and its now wider availability, it might also be worth it to consider having the option to forgo passwords entirely and only use a yubikey/passkey/whatever via webauthn. while theoretically it’s more secure to have it be multi-factor, that’s kinda rendered moot a lot of the time if you use a password manager…
definitely; i'd like to be able to use a yubikey or duo push
Yes! Wish I could edit the post to include not SMS/email x.x
Absolutely agree. Bare minimum something like Google Authenticator, with support for Yubikeys being great. Don't use email/text MFA, please.
purpleraccoon
It would be great if Cohost supported Multifactor Authentication, either with codes or security keys (eg, Yubikeys).
45 people like this idea