by billdietrich1 1472 days ago
Please check my reasoning; I don't want hardware keys doing FIDO or something because:

- would have to have 2 or 3, in case of loss

- would have to register each key separately to each account

- when traveling, probably would have just 1 key with me, so if I lose it, I'm totally locked out until I can get home and get to a backup key

- even at home, if I lose a key, backup key should be somewhere safe off-site, so getting it would be a bit of a pain/delay

A hardware key just typing passwords or displaying 6-digit TOTP would be different. But not as secure as FIDO.

So, I think I'd like to have software TOTP everywhere. Vulnerable to phishing, and not a "something you have" second factor. But seems a good tradeoff of security/convenience/resilience for me.