Administrator authentication
Protecting operator accounts that can change production.
Customer-facing auth methods (passkeys, OAuth) complement — but do not replace — operator protections.
Requirements
- Phishing-resistant MFA for Cloudflare dashboard users where supported (security keys / passkeys).
- No shared long-lived passwords in CI; use short-lived tokens tied to pipelines instead.
- Separate roles for billing vs engineering vs DNS control where feasible.
See also IAM reviews.