I moved my SSH key to the YubiKey hardware key.
Now in case of laptop hacking, e.g. via npm dependency, at least the SSH key (and all sessions with 2FA, which is also on the key) cannot be stolen.
https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html
I’m so into security because I really don’t want half the internet to be hacked by PostCSS, or any of my other projects (plus I’m making a privacy-first RSS reader right now)
And you can always donate to me for my efforts to protect the internet.
https://github.com/sponsors/ai