Add Support for Hardware Security Keys (e.g., YubiKey) for Two-Factor Authentication

[andrew0030]

Please confirm the following.

• I checked the existing issues for duplicate feature requests
• I have checked that this feature request is not on our roadmap

What parts of Modrinth is your feature request related too?

App, Website

Is your suggested feature related to a problem? Please describe.

It is not.

Describe the solution you'd like

I would like to suggest the implementation of hardware security keys (such as YubiKey) as an alternative two-factor authentication (2FA) method. As someone who values account security, the ability to use a hardware key in place of traditional security codes would significantly enhance the security options on Modrinth, providing users with a stronger and more convenient way to protect their accounts.

Additionally, I recommend allowing the registration of multiple hardware keys. This would ensure that users can add backup keys, which is an important safeguard in case a primary key is lost or becomes inaccessible. Some platforms limit users to a single key, which can present challenges in such scenarios.

Thank you in advance, for considering this enhancement to Modrinth’s security features.

Describe alternatives you've considered

Other forms of two-factor authentication, such as SMS-based authentication, could be considered. However, SMS is widely regarded as a less secure option due to its vulnerability to SIM-swapping attacks and other security risks. For these reasons, I believe implementing SMS-based 2FA would be a step backward in terms of security.

Additional context

Many leading platforms, such as Google and GitHub, have adopted hardware security keys as a highly secure two-factor authentication method. This has become a standard for users who prioritize robust security.
Offering hardware key support would align Modrinth with modern security best practices and provide a valuable option for users who are particularly concerned with account protection.