iam aware that a lot of people use yubikey(s) for authentication, but my question is about how secure they are but what happens if you enable 2fa on devices that dont have support for it ie. smart tvs etc that dont have nfc and other devices that dont have nfc, does the account then become un accesible or have restrictions
I have Bitwarden password manager. I can choose to use a YubiKey but how would I use it on my phone? I would have to have the key with a NFC and a phone to accept it. But since I don't use it on my phone I'm fine as I only have a key with no NFC capabilities. I can load several different keys in case I lose one. If I were to lose all of my keys and had no access I would type in the secret very long code I wrote down and tucked away in a secret place. That will open the account and bypass all keys. I have a Yubikey attached to my google account. Google will let you have a password reset email if you choose. So if you lose your key you can gain back control with the email or even a phone number. But is that really secure? To be really secure lock it down so nothing can gain access without the key. But that's up to you. You can't use a YubiKey on any device or program that is not set up for it to be used on. So if your smart TV doesn't have support for it then its not going to happen.
I'm not sure the scenarios you want to support here, whether it's OTP (LastPass), TOTP (Authenticator), HMAC (desktop login, password managers) or U2F/Fido2 (suitable browsers). Yubikeys support HID communication via USB, and on some models, NFC. The only device that I'm aware of, that supports NFC is Android for things like TOTP codes - very useful and applicable if your 2nd factor is a TOTP/Authenticator code. On mobiles, authentication to the device itself is not supported, although there are moves to support Fido2 via USB into the phone. Like I say, I can't see the scenario here, because neither USB or NFC would be very congenial when you're in front of a smart TV even if it were to support the Yubikey. Most good 2 factor sites provide alternative/recovery access to website accounts (although those can weaken the two-factor). E.g. TOTP or one-time codes for a Fido2 protected account. Security & privacy are not really known on smart TVs.....
