Yes, but one has to buy another device, and only a limited number of companies support it at the moment [1]. It doesn't look like any of the banks I use, any of the credit cards I use, or the tax filing service I use support it. Not to mention that this website and other forums I log into aren't mentioned there either.
Some of those companies offer SMS or email based 2FA as an option.
In any case, every single one of those services allows me to connect using TLS where my browser verifies the server's identity via the CA bundle I have installed on my machine. I simply don't see why companies don't make the investment to support client-side TLS authentication or start supporting U2F.
> And there's no way to steal your key without physically getting the dongle.
I would contend that it's probably easier to steal the dongle as opposed to my machine at home.
Client-side certificates are widely used among the Estonian population btw. It's basically the rest of the world that has caused the need for U2F/TOTP because they can't deploy smartcards with certs to users.
Some of those companies offer SMS or email based 2FA as an option.
In any case, every single one of those services allows me to connect using TLS where my browser verifies the server's identity via the CA bundle I have installed on my machine. I simply don't see why companies don't make the investment to support client-side TLS authentication or start supporting U2F.
> And there's no way to steal your key without physically getting the dongle.
I would contend that it's probably easier to steal the dongle as opposed to my machine at home.
[1] https://www.yubico.com/works-with-yubikey/catalog/