What is your recommended two-factor authentication setup? Trying to figure out what advantages a physical token might bring. How do you handle theft/seizure of a yubikey for example? 🤔