Comment by gregjor

We can all dream up improbable scenarios that will neuter reasonable planning and precautions.

I travel full-time and work remotely, for over a decade. I have lost my phone once. Both Apple and Android phones sync passwords and ssh keys (if you set it up) to their encrypted cloud services. If you get a new phone everything comes back.

I put my most crucial keys and backup codes on a biometric-locked USB key that I protect along with my passport. I have never needed to use it, but in case I lose my phone and can’t get into my cloud account I have that.

I use a Yubikey for 2FA where supported, I have two, one handy and one secured with my passport.