@wkempf: oh my bad, my title is a misrepresentation.
It was more than the title. The entire post was full of comments like "trying to consolidate their password into a single attack surface" and "that can easily be cloned or modified or misplaced". That's not how these USB authentication devices work. They just take the "something I have" role in two factor authentication. Losing the device, having it stolen, or having it cloned are all non-issues, at least from a security perspective. If you lose the device you will have to replace it and update all programs/services that you authenticate to, which could be a hassle. But the end result is better security.