Support Passkey Login (or as 2FA)#423

Please support Passkey Login to make accounts secure.

Passkey (underlying API called WebAuthn. RFC8809) is the modern standard and generally best practice for secure login and 2FA. Due to its public key cryptography nature, brute-force and phishing are impossible.

Modern browsers like Chrome and Firefox, operating systems like Windows and MacOS and android, password managers like Bitwarden all natively support Passkey. Quite a lot modern websites, including Google, Microsoft, Github, Cloudflare, support passkey login.

Current TOTP 2FA is less convenient than passkey: you usually store TOTP in authenticator app on phones, so you need to find your phone, open authenticator app, remember the 6 digits and type them in the website. But you only need to click the prompt window from password manager/browser/OS to use passkey. And passkey is much more secure than TOTP.