I definitely think anything that can be done to add TFA, FIDO2 keys, Passkeys, webauth, etc. to the Cloud Server would be a very good thing. I’d also like to see emails being sent for new logins and any changes to login parameters.
I’m not so sure that doing so for MainUI buys much protection so the balance of added complexity needs to be weighed against the risks it would mitigate.
I know myopenhab.org and MainUI are completely independent, and I’m sure this feature is lacking on myopenhab.org. Yet, like you, I’m not sure whether implementing Passkey on the MainUI could be useful or just a burden, so I raised the topic for the community to share their views.
I didn’t want to create 2 separate topics because I didn’t know how the topic would develop, but if required I could start a separate one.
I’m not sure such votes make too much sense. In general, having passkey support is something cool and I guess nobody would mind to have it (as it is usually an additional way of auth, not replacing other ways). So it is mainly a matter of finding a developer, who’s volunteering to work on it.