Hi! Verifying possession of the hardware key for authentication purposes is one of the most secure methods available. It allows to mitigate many attacks on Netlify accounts and is more secure than 2FA these days, when 0day attacks on smartphones happen so often.
Here’s a good guide on the topic – https://doubleoctopus.com/blog/your-complete-guide-to-fido-fast-identity-online/
I’d like to request an ability to:
- Connect any number of U2F compatible keys to an account (for backup purposes) as a second factor.
- Be able to enable the strict requirement of the device presence to access the account, so it cannot be replaced by other 2FA methods.