Add Support for Hardware Security Keys (e.g., YubiKey) for Two-Factor Authentication #2481
Open
2 tasks done
Labels
enhancement
New feature or request
Please confirm the following.
What parts of Modrinth is your feature request related too?
App, Website
Is your suggested feature related to a problem? Please describe.
It is not.
Describe the solution you'd like
I would like to suggest the implementation of hardware security keys (such as YubiKey) as an alternative two-factor authentication (2FA) method. As someone who values account security, the ability to use a hardware key in place of traditional security codes would significantly enhance the security options on Modrinth, providing users with a stronger and more convenient way to protect their accounts.
Additionally, I recommend allowing the registration of multiple hardware keys. This would ensure that users can add backup keys, which is an important safeguard in case a primary key is lost or becomes inaccessible. Some platforms limit users to a single key, which can present challenges in such scenarios.
Thank you in advance, for considering this enhancement to Modrinth’s security features.
Describe alternatives you've considered
Other forms of two-factor authentication, such as SMS-based authentication, could be considered. However, SMS is widely regarded as a less secure option due to its vulnerability to SIM-swapping attacks and other security risks. For these reasons, I believe implementing SMS-based 2FA would be a step backward in terms of security.
Additional context
Many leading platforms, such as Google and GitHub, have adopted hardware security keys as a highly secure two-factor authentication method. This has become a standard for users who prioritize robust security.
Offering hardware key support would align Modrinth with modern security best practices and provide a valuable option for users who are particularly concerned with account protection.
The text was updated successfully, but these errors were encountered: