The in-built e-mail second factor is not as reliable and requires storing e-mail account data on the website, which is not ideal from a security perspective.
Is there a plan to integrate proper 2FA, such as generation of QR codes for TOTP or even FIDO/Passkey support, built into Kirby? IMHO this is so super important nowadays that this should be done.
Thank you, I have seen this, but I am not a professional programmer, so I will not try to implement authentication on my own; that is too risky. Neither should people who don’t know Kirby as well as the core team does. That is why I am saying this should absolutely be a core feature.
Agreed. 2FA should be the standard these days. I suppose in lieu of such a feature, it’s important to keep good backups, so if the worst does happen, you can always restore.
Losing the content might be painful but is nothing compared to other things that can happen. For example: you have third-party integrations with API keys, such as your CRM or newsletter system, and a hacker steals customer data. Or you saved access data to an e-mail account, opening up a whole different can of worms. Or what about payment systems? The list goes on and on.