One of the newer options for multi-factor authentication is using a security key, like the YubiKeys in the picture for this post. While not widely supported yet, many of the big tech companies – Google, Facebook and Dropbox, to list a few examples – do support the use of these.
The way these work is pretty simple (though I found the documentation on the Yubico website not very helpful): you register the key in the application in question. As an example, in Facebook, go to Settings > Security and Login > Use two-factor authentication > Edit. After entering your password, you’ll see Security Key as one of the options. From there, just follow the instructions to add a new key. After that, when logging in you’ll be prompted to use your key to complete the login process.
One other nice thing with at least the Yubico versions, is that you can store your one-time password configurations in them, for those applications that don’t yet support using a security key. Download the Yubico Authenticator application to your computer (and also your phone, if you have purchased a key that is compatible with your phone) and set up your accounts.
It is a good idea to get at least two keys, so that you have a backup in case your main one is lost or damaged. I initially purchased just one (the NFC version, so that I can use it with my phone), but have just purchased the USB-A nano version.