2FA by hardware key only
Being able to add a physical FIDO token is great, but I would like the requirement for TOTP to be removed.
TOTP is quite often software-based, and software = surface of attack. Physical tokens allow an air gap and are very secure, and I don't need TOTP personally; it makes my account vulnerable.
Also, just like Apple, a minimum of 2 physical tokens should be enforced, since having a single token puts you at risk if you lose it. 2 or more should be the rule of thumb.
3 votes