I was all for it and even bought a USB dongle to make it super easy. Turns out this shit doesn’t work anywhere. Fuck 2FA if nobody implements decent mechanisms.
TOTP - no particular investment needed, so very popular, but a bit onerous
Various MFA vendors that tie into their cloud services. I hate these since it means I generally have to get additional apps, with uneven platform support
Webauthn/Passkey - Cool, integration with my phone, a Fido usb key, windows hello if applicable, no need for external service, uses asymmetric encryption so it’s not shared secret and it’s more convenient… Almost no one bothers to implement it for their service though, despite it being pretty damn easy.
I was all for it and even bought a USB dongle to make it super easy. Turns out this shit doesn’t work anywhere. Fuck 2FA if nobody implements decent mechanisms.
Basically, you have:
I use Dashlane… It just handles all the user side of all of those for me, covering 2FA with the app/passkey nicely.