Good day,
I tried using the passwordless authentication feature in Nextcloud and I noticed it allows me to login using my FIDO2 device (a Yubikey 5) without having to type any password whatsoever. I am used from my experience with FIDO2 passwordless logins on my Microsoft 365 account to type the Yubikey PIN; I think this is considered passwordless even though I type a password of sorts because the PIN unlock the Yubikey, and the Yubikey handles the full account login. Are there any plans to make passwordless logins require the FIDO2 device PIN? I am running Nextcloud 23, so the login process may already be different for all I know. I plan to deactivate passwordless logins for now. Let me know if you have any questions. Thank you.
Alexandre