I think the fingerprint auth stuff Apple’s working on will replace MFA: as I understand it, in Safari, the MacBook’s Fingerprint sensor implements the same protocol as a Yubikey or similar.
One can only hope (and fear) they utilize the secure enclave for this task.
Hope because it would allow me to utilize my mac as a Yubikey. I have no idea how they would synchronize it to all Apple devices, but i'm fairly certain they will find a way.
Fear because it will pretty much guarantee i cannot use my password manager on other platforms.
I already use Secretive (https://github.com/maxgoedjen/secretive) to store SSH keys in the secure enclave with touch id integration, and it works really well. I also keep a couple of Yubikeys as backup :)
