[vifon]

> Yeah, yeah, security vs. convenience is always the issue, but so far I've just selected convenience.

In terms of the SSH and GPG keys which I use multiple times every single day for me this is convenience. I have my keys always on my person and they are tied to me, and not a particular machine. Whether it's my laptop, my desktop or my phone, I have a single pair of keys that are virtually impossible to steal even on a so-so trusted device like a proprietary phone.

When you start considering a security key as a portable credential storage to use across all your machines, it becomes actually more convenient, not less.

[nextlevelwizard]

I am just not at all paranoid about my SSH keys. Those are password protected and the worst that you can do with them is to run some low yield miner on my machines. I guess you could "steal" my source code, but I publish it free on github anyway.

Maybe convenient if you are administrator or something, but for normal life seems unnecessary.

However I can see the appeal of having everything behind a physical factor