I feel like we're way better off just sending an email every time a user logs into a new device. We already have to assume the email is secure anyway...
Having to have tons of Yubikeys adds so much friction.
Death to email! Stop using email entirely unless users opt in. Give users the option of FIDO or passwordless auth apps with a reset code, or OAuth federation with a third party.
I was listening to a security podcast in which the host was quite proud of having lots of Yubikeys around. No way this scales to the general population.
For companies, I think it should be part of the employee badge's cost. Just another peripheral.
I think it can indeed scale; people use USB drives a lot, so think of it as another peripheral similar to a mouse or keyboard. It is especially attractive as a single-factor auth when you go passwordless. It is a similar security model to physical keys, and the cost is only ~1x more.