elsirion
commented
8 months ago Note that this would require a fundamental change (huge improvement) of our API auth scheme: We wouldn't just send a static secret with every request but rather acquire a session token on login which can then be used for a limited time to authenticate API requests. So this is also a Fedimint issue.
At some point we should consider adding 2FA to the guardian UI in particular