Essential Consulting, LLC
On April 10th major announcements from the FIDO Alliance, the World Wide Web Consortium (W3C) and Yubico marked the start of using security keys to replace passwords for signing into websites, applications and computers.
Security keys have been in use as 2nd level authentication for sometime now, but adoption has been low. Now that the FIDO2 protocol for the keys is advancing to a standard by the W3C, adoption should take off. Sites adhering to the standard do not store anything of use to any hacker, so the keys are far more secure than any password.
A key supporting FIDO2 is like a key from your keyring. If lost, it holds no identifiable information that can be derived from it, so it is useless to whoever finds it.
You can find out more technical information at the FIDO Alliance and Yubico. Microsoft has a great article by Alex Simons here:
Photo is from Yubico at www.yubico.com