While the 2FA login option via email code is useful, it slows down and complicates the login process.
Passkeys have arrived and help eliminate phishing and leaked passwords.
It would be nice to be able to create a passkey for ghost and use that as login option along an email for identification.
Agreed, passkeys would be a nice security improvement, or even just TOTP 2fa. Both options preferably.
You mean staff login here, but I think Passkeys would be also great for member logins. It’s even more secure and way more practical than email magic links.
Yes, though the whole point of the magic links for members is a two-birds-one-stone approach FWIW. By “forcing” magic links, the email addresses are always verified with double opt-in.