Description
Currently, LinkStack relies solely on single-factor, password-based authentication. Given the rising security threats and the fact that users manage their personal or business links/data through the dashboard, a single layer of security is often insufficient.
I would like to request the addition of native Two-Factor Authentication (2FA) support for user logins.
Ideally, this would be a Time-based One-Time Password (TOTP) implementation, allowing users to scan a QR code and use standard authenticator apps (like Google Authenticator, Authy, Aegis, Bitwarden, etc.) to generate a 6-digit code during login.
The current workaround to secure the login is to place the entire LinkStack instance behind a reverse proxy with a separate identity provider (such as Authelia, Authentik, or Cloudflare Zero Trust). However, this setup is too complex for many self-hosters and doesn't provide a native, per-user 2FA experience directly within the app dashboard.
Implementing native 2FA would greatly enhance the security of LinkStack and align it with modern security standards and self-hosting best practices. It would give users peace of mind when exposing their instance to the public internet.
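For reference, the server side of the TOTP login requested above, as an added example that is not LinkStack code or part of the original request: it follows RFC 6238 with the authenticator-app defaults (HMAC-SHA1, 30-second period, 6 digits), and adds drift tolerance and replay rejection. The function names, the `last_used_step` storage field and the sample secret (the RFC 6238 test key) are assumptions chosen for illustration.

```python
import base64, hashlib, hmac, struct, time
from urllib.parse import quote

# Constructed sample: base32 of the RFC 6238 test key "12345678901234567890".
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def hotp(secret_b32: str, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter."""
    key = base64.b32decode(secret_b32.upper() + "=" * (-len(secret_b32) % 8))
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def provisioning_uri(secret_b32: str, account: str, issuer: str) -> str:
    """otpauth:// URI that the enrolment QR code would encode."""
    label = quote(f"{issuer}:{account}")
    return (f"otpauth://totp/{label}?secret={secret_b32}"
            f"&issuer={quote(issuer)}&algorithm=SHA1&digits=6&period=30")

def verify_totp(secret_b32, code, last_used_step, now=None, period=30, window=1):
    """Return the matched time step, or None if the code is rejected.

    Accepts +/- `window` steps of clock drift and refuses any step that is
    not newer than `last_used_step` (hypothetical per-user field), so a code
    observed once cannot be replayed. The caller persists the returned step.
    """
    if not (code.isascii() and code.isdigit() and len(code) == 6):
        return None
    current = int(time.time() if now is None else now) // period
    matched = None
    for step in range(max(current - window, 0), current + window + 1):
        # compare_digest avoids leaking the match position through timing
        if hmac.compare_digest(hotp(secret_b32, step), code) and step > last_used_step:
            matched = step
    return matched
```

A real deployment would also rate-limit failed attempts per account and store the shared secret encrypted at rest.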