Please add passkey support for Heidi accounts using FIDO2/WebAuthn. This should support platform passkeys such as Windows Hello, Touch ID, Face ID, Android passkeys, and roaming hardware security keys such as YubiKeys.

Ideally, passkeys should work both as a passwordless login option and as phishing-resistant MFA, with support for registering multiple passkeys per account. For Teams/Organisations, admins should be able to require passkeys or security keys for higher-risk accounts.

This is especially important for healthcare because Heidi accounts contain or access sensitive clinical information. Current MFA options such as SMS and email are less secure and can be frustrating in a busy clinic workflow, while authenticator-app codes still add friction. Passkeys would improve both security and day-to-day usability for clinicians moving between devices, rooms, and browsers.