Reading this article brought this one to mind: https://krebsonsecurity.com/2018/07/google-security-keys-neu... (about Google using security keys to deal with phishing)