by user5994461 3287 days ago
SecurID has been the gold standard for more than a decade.

Not to dismiss YubiKey, but companies that can afford 2-factor and take security seriously have already had SecurID for a long time.

1 comments

SecurID is just an expensive TOTP implementation (although a very established one, as you noted).

That "gold standard" required reissuing 40 million devices in 2011 due to a single server breach. Lockheed-Martin was apparently really, really happy about it, too.

If that's your desired level of security, just use any TOTP authenticator app on your smartphone.

SecurID also does private key, certificate authentication and much more. The TOTP is just one of many options.

A lot of mail going to the post office. That's one of the good things about these hardware tokens: you can decommission and replace them easily.

What's expensive is to redo all your applications and systems to have 2-factor authentication.

Smartphones are insecure unless you can control that all your users have new Apple phones.

The problem with many affordable TOTP tokens is clock drift. Are RSA's tokens better with that?

Was there a practical attack on TOTP on smartphones that affected 40M users and spilled industrial secrets? SecurID managed to hit both of these.