[alistairSH]

Using your dongle example, how do you access important services away from home? Carry the dongle everywhere? If so, you risk losing the dongle.

Same with your phone as the "thing I own". That's great, until the phone dies/breaks/gets lost. Hopefully you have a tablet as backup, or the paper copy of your one-time codes in your wallet.

I don't have a good answer. I just hate the idea of needing to access banking services when traveling should my phone become unavailable.

[bheadmaster]

> Carry the dongle everywhere? If so, you risk losing the dongle.

To be fair, we also carry our IDs everywhere and risk losing them all the time, yet it works pretty fine in most cases. Losing your ID is painful, and so would be losing the dongle, but the security of it outweighs the risk, IMHO.

Even more if we create dongles that are shaped like cards, so we can keep them in our wallets like IDs.

[AstralStorm]

Normally you do not use the ID in day to day operations. A better example would be a credit card, which combines a password (or pin) with a cryptographic chip.

The card itself is too easy to steal, hence the backup password. The other possibility is biometrics, but these come with their own problems.

[svachalek]

It sounds like you don't live in the USA. No passwords here.

[pabs3]

The answer with WebAuthn devices is to have more than one of them. When traveling, keep one in your safe, one with your home computer, one in the hotel and one along with your laptop. With WebAuthn passkeys, they are synced to the cloud so are available on all your devices or anywhere you have access to your cloud accounts.