[toomuchtodo]

If you can’t use a phone as a factor, it’s likely you’ll be issued a smart card (such as a CAC in the case of the military).

It feels like Yubikeys are a shim until the phone UX as a factor improves (and there’s more server side support) and/or smart card adoption for identity improves. If Touch ID and Face ID are good enough for most secure transactions in the Apple ecosystem (including Apple Pay), seems like a reasonably high assurance.

[closeparen]

Some of the U2F-only tokens are their own thing, but the flagship Yubikey is literally a smart card bundled with a reader. The USB token form factor makes a little more sense for an individually assigned laptop.

[toomuchtodo]

I have found Yubikey evangelism terribly difficult in both my enterprise and defense industry engagements, hence my smart card statements. For whatever reason, Yubico still has some perception challenges.