@molly0xfff These drive me crazy, I find they just create a larger surface for vulnerabilities. Like, I’m absolutely sure I want my physical token key to be the only way to authenticate, but nooo, I have to use an insecure SMS or app-based two-factor token. It drives me crazy!