[tedmiston]

> A co-worker told me to move all my 2FA to Authy as a means to avoid locking 2FA to hardware, but I haven't sufficently looked into it yet.

I've heard this approach of cloud-based second-factor auth keys called "1.5FA". It's probably enough for most people, most of the time.

That said, in the case of a broken phone and away from your computer, you'd still need either a second device that's already logged into your vault or a backup recovery code. That's a good thing for all of us to keep in mind the next time we're traveling.