Hi @Chris_Lyttle, great to hear from you, and thanks for the feedback!
We have been discussing Passkeys/WebAuthn internally, as some customers have recently asked about support for it here on the forum. Apple added support to the Autofill APIs in the latest versions of iOS and macOS that would allow Codebook to plug into that flow, and we spent some time looking at that. However, implementing it properly is no small thing, and we’re unsure how we would support them on Android and Windows. Those aren’t barriers to doing so, but they do give us pause, especially since Passkey authentication is still relatively new and not yet ubiquitous.
Use of a hardware token to authenticate with Codebook is a feature that’s been requested quite a bit over the last few years, and a feature towards which we’ve already put a considerable amount of planning and work. Much of that work was done in preparation for Codebook 4 but we put it on hold for various reasons (we thought it was out of scope for the changes in that version, and we also thought it wasn’t easy enough to use without leading to some customers accidentally locking themselves out of their data).
We still really want to get to multi-factor authentication in Codebook, but our higher priority has been the development of an automatic sync system that’s easy to use. There are quite a lot of people with just one copy of Codebook out there who are at risk of losing access to all their passwords because they’ve only bought the app on one platform, installed it on one device, and don’t remember to sync their data regularly.
So that’s our focus right now (and has been for some time), the upcoming sync service. We’re very near to beta testing I should add! Once we’ve got Codebook 5 out the door we will revisit MFA support, along with some other items we’ve been holding off on, and see where that lands on our roadmap.