To me a pretty nice project would be the 2FA implementation, whether using a third-party service or an internal one.
Having more security with our sensitive data is extremely important. These days we cannot rely anymore on having only an username and password authentication. Even with strong passwords, I feel not safe enough with this approach. I know 2FA is on their roadmap and, although I don’t consider it to be a big project, it would be incredibly benefic.