I wanted to add hardware 2FA to Apple ID, and noticed this particularly strange requirement.
I get that two keys is ideal (one as daily driver and one as a backup), but who actually REGULARLY uses both keys? Seems strange.
Can anyone who has this already setup shed some light?


I ran into an issue with hardware 2FA enabled and a new phone.
One of my Ubikeys is always plugged into my desktop, the other is on my keychain for wireless authentication with my phone.
Apparently, only the most recently used hardware 2FA is allowed to authenticate wirelessly to add a new device. Since my other Ubikey wasn’t wireless the only recourse was to remove the hardware 2FA, add the phone and then re-add the hardware 2FA.