[gbmor]

Go for it. They're inexpensive, handy, and easy to set up and use. I currently use it for everything from logging in to my laptop and using sudo (via PAM) to SSH (gpg-agent) to logging in to GitHub and other sites (via U2F).

[antihero]

I'm still very confused as to how the hell they work. Do sites need to explicitly support them? Can I just use it for 1Password?

Also I am a bit of a scatterbrains so prone to losing things. What do I do if I lose my YubiKey, are there recovery options?

Do you use it in addition to an authenticator app or instead of? I am really confused as to the advantages it gives.

[gbmor]

> Do sites need to explicitly support them?

The web site will need to support FIDO U2F, yes.

> Can I just use it for 1Password?

I've not used 1Password, so I don't know. The Yubico site should be able to tell you if a given thing is compatible.

> What do I do if I lose my YubiKey, are there recovery options?

Nope. Get two of them.

> Do you use it in addition to an authenticator app or instead of?

Sort of both. So if a site supports the use of an authenticator app but not FIDO U2F, I use the Yubico authenticator app. When opened, it stays locked until my Yubikey is tapped against my phone.