It would be great to have 2FA on the /admin/login route.
For now, I'll use allow/deny statements in my Nginx config :)
Cheers for your work on microblog.pub!
So for 2FA, the v1 used to support webauthn, and I actually have a branch to implement it, I just haven't got time to finish it yet.
It should make it to the main branch at some point!