by w9r09eridlk 2893 days ago
I feel stupid for asking this, but what if you lose your key?
3 comments

It’s not as big of a deal as you might expect because:

- The spec requires providers to allow independent addition / removal of multiple keys per account, so it’s easy to manage backup U2F keys.

- Providers can use any backup authentication method they want. This includes SMS codes, TOTP / HOTP apps, email resets, or maybe VCing in to tech support.

And even if the backup method is less awesome (e.g. sms codes) it still reduces your risk because you use it less often.

[edit for formatting]

Is it a good way to store SSH keys? Looking at the company website it seems a little hacky.

It's not a stupid question. When setting these up, you have four layers to fall back on:

1. Any other keys you added to the account (like a coworker's)

2. TOTP app like Google Authenticator

3. Printed one-time backup codes

4. Onerous account recovery process through support.

You are supposed to have 2 keys - that way you can lose one and still have a backup.
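The two points made in this thread, that a provider should let you register and remove several hardware keys independently and that TOTP and printed one-time codes sit behind them as fallbacks, can be shown as a small account model. This is example code added here to illustrate the thread, not code from any provider, from the U2F spec or from the commenters. The `Account` class, its method names and the "key handle" stand-in for a registered credential are hypothetical; the HOTP/TOTP functions follow RFC 4226 and RFC 6238 and are checked against those RFCs' published test vectors (secret `12345678901234567890`). Signature verification for the hardware key is deliberately elided so the add/remove logic stays visible.

```python
import hashlib
import hmac
import secrets
import struct
import time
from typing import Dict, List, Optional, Set


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter taken from a 30-second time step."""
    return hotp(secret, at // step, digits)


class Account:
    """Hypothetical user account holding several independent second factors."""

    def __init__(self, totp_secret: Optional[bytes] = None):
        # Registered hardware keys keyed by an opaque handle. A real deployment
        # stores the credential's public key here and verifies a signature on
        # login; this example stores only a nickname to keep add/remove visible.
        self.keys: Dict[str, str] = {}
        self.totp_secret = totp_secret
        # Only SHA-256 digests of the unused one-time backup codes are kept.
        self.backup_codes: Set[str] = set()

    def register_key(self, handle: str, nickname: str) -> None:
        """Add one more hardware key; existing keys are untouched."""
        self.keys[handle] = nickname

    def remove_key(self, handle: str) -> None:
        """Remove a single key, but never the last second factor of any kind."""
        if len(self.keys) == 1 and handle in self.keys and not self.fallback_methods():
            raise ValueError("would leave the account with no second factor")
        self.keys.pop(handle, None)

    def fallback_methods(self) -> List[str]:
        """Which non-hardware layers are currently usable for recovery."""
        methods = []
        if self.totp_secret:
            methods.append("totp")
        if self.backup_codes:
            methods.append("backup_code")
        return methods

    def issue_backup_codes(self, count: int = 10) -> List[str]:
        """Mint printable one-time codes; show them once, store only their hashes."""
        codes = [secrets.token_hex(4) for _ in range(count)]
        self.backup_codes = {hashlib.sha256(c.encode()).hexdigest() for c in codes}
        return codes

    def authenticate(self, *, key_handle: Optional[str] = None,
                     totp_code: Optional[str] = None,
                     backup_code: Optional[str] = None,
                     now: Optional[int] = None) -> Optional[str]:
        """Return the factor that succeeded, or None. Hardware key is tried first."""
        if key_handle is not None and key_handle in self.keys:
            return "hardware_key:" + self.keys[key_handle]
        if totp_code is not None and self.totp_secret:
            at = int(time.time()) if now is None else now
            # Accept the current step and one step either side for clock drift.
            for drift in (-1, 0, 1):
                expected = totp(self.totp_secret, at + drift * 30)
                if hmac.compare_digest(expected, totp_code):
                    return "totp"
        if backup_code is not None:
            digest = hashlib.sha256(backup_code.encode()).hexdigest()
            if digest in self.backup_codes:
                self.backup_codes.discard(digest)  # each printed code works exactly once
                return "backup_code"
        return None


if __name__ == "__main__":
    acct = Account(totp_secret=b"12345678901234567890")  # RFC test secret, constructed
    acct.register_key("k1", "keyring")
    acct.register_key("k2", "desk drawer")
    acct.remove_key("k1")  # losing the keyring key still leaves k2, TOTP and codes
    print(acct.authenticate(key_handle="k2"), acct.fallback_methods())
```

The `remove_key` guard is the one design choice worth copying: a provider that lets you delete your last remaining factor with no fallback turns "I lost my key" from a nuisance into a lockout, which is exactly the situation the thread is about.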