I realize there are not many good options, but it pains me to see crypto apps depending on email for secure auth

Not to pick on @boscolo.eth but we previously required all web sign ins to use your mobile device via QR code and people complained. A ton.

For most cases, email is quite secure. That’s why so many at-scale consumer services use it.

We plan to add a few options to improve this, but the tension between good consumer UX and default security is real.

Balancing user experience with security is always a challenge. Exploring multiple authentication options sounds like a smart step forward. Looking forward to seeing how you tackle this issue with innovative solutions.