For keys used in authentication, I feel like rotation largely just protects against keys being leaked. If you can enforce that keys exist only on a secure element, then to me rotation is no longer needed in this particular scenario, with the exception of the key strength no longer being enough or something similar.
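As an added illustration of the policy described in that comment (not code from the thread, from Secretive, or from any project named here), the script below parses authorized_keys lines and applies exactly that rule: keys whose type proves they live on a hardware authenticator (OpenSSH's sk-* FIDO key types) are exempt from time-based rotation and are only rotated on algorithm weakness, while every other key, including a Secure Enclave key that appears on the wire as an ordinary ecdsa-sha2-nistp256 key and so cannot prove its origin, falls under an age limit. The thresholds (3072-bit RSA minimum, 365-day age limit) and all sample keys are assumptions and constructed data, not real key pairs.

```python
import base64
import struct

# Policy thresholds: assumptions for this example, not values from the thread.
MIN_RSA_BITS = 3072
MAX_SOFTWARE_KEY_AGE_DAYS = 365
DEPRECATED_TYPES = {"ssh-dss"}
# OpenSSH security-key types: the key type itself declares that the private
# key lives on a FIDO authenticator, so the public key proves hardware backing.
HARDWARE_TYPES = {"sk-ssh-ed25519@openssh.com", "sk-ecdsa-sha2-nistp256@openssh.com"}


def _ssh_string(b: bytes) -> bytes:
    """Encode one SSH wire 'string' (RFC 4251): 4-byte big-endian length + bytes."""
    return struct.pack(">I", len(b)) + b


def _mpint(i: int) -> bytes:
    """Encode a positive SSH mpint (adds a leading 0x00 when the high bit is set)."""
    return _ssh_string(i.to_bytes(i.bit_length() // 8 + 1, "big"))


def _read_string(blob: bytes, off: int):
    (n,) = struct.unpack_from(">I", blob, off)
    off += 4
    return blob[off:off + n], off + n


def parse_pubkey(line: str):
    """Return (key type, security-relevant bit length) for one authorized_keys line.

    Leading options such as from="..." or no-pty are skipped (quoted options
    containing spaces are not handled in this example).
    """
    fields = line.split()
    for i, f in enumerate(fields):
        if f.startswith(("ssh-", "ecdsa-", "sk-")) and i + 1 < len(fields):
            ktype, blob = f, base64.b64decode(fields[i + 1])
            break
    else:
        raise ValueError("no public key found on line")
    wire_type, off = _read_string(blob, 0)
    if wire_type.decode() != ktype:
        raise ValueError("key type field and blob disagree")
    if ktype == "ssh-rsa":
        _e, off = _read_string(blob, off)   # public exponent, unused here
        n, _ = _read_string(blob, off)      # modulus: its size is the key strength
        bits = int.from_bytes(n, "big").bit_length()
    elif "ed25519" in ktype:
        bits = 256
    elif "nistp" in ktype:
        bits = int(ktype.split("nistp", 1)[1].split("@", 1)[0])
    else:
        bits = 0  # ssh-dss and unknown types: strength not assessed
    return ktype, bits


def assess(line: str, age_days: int):
    """Decide whether a key must be rotated, returning (action, reason)."""
    ktype, bits = parse_pubkey(line)
    if ktype in DEPRECATED_TYPES:
        return "rotate", f"{ktype} is deprecated"
    if ktype == "ssh-rsa" and bits < MIN_RSA_BITS:
        return "rotate", f"RSA-{bits} below {MIN_RSA_BITS}-bit minimum"
    if ktype in HARDWARE_TYPES:
        # Provably hardware-resident: no time-based rotation, strength checks only.
        return "keep", "hardware-backed; rotate only on algorithm weakness"
    if age_days > MAX_SOFTWARE_KEY_AGE_DAYS:
        # A plain ecdsa/ed25519/rsa key might sit in a Secure Enclave, but the
        # public key cannot prove that, so it gets the software-key policy.
        return "rotate", f"{age_days} days old, hardware origin unprovable"
    return "keep", "within age limit"


# Constructed sample keys (not real key pairs: the RSA moduli are not products
# of primes and the EC points are filler bytes). Only the wire format matters.
def _line(ktype: str, body: bytes, prefix: str = "", comment: str = "x@y") -> str:
    b64 = base64.b64encode(_ssh_string(ktype.encode()) + body).decode()
    return f"{prefix}{ktype} {b64} {comment}".strip()


SAMPLES = {
    "rsa2048": _line("ssh-rsa", _mpint(65537) + _mpint((1 << 2047) | 1)),
    "rsa4096": _line("ssh-rsa", _mpint(65537) + _mpint((1 << 4095) | 1)),
    "ed25519": _line("ssh-ed25519", _ssh_string(b"\x11" * 32), prefix='from="10.0.0.0/8",no-pty '),
    "p256": _line("ecdsa-sha2-nistp256", _ssh_string(b"nistp256") + _ssh_string(b"\x04" + b"\x22" * 64)),
    "sk_ed25519": _line("sk-ssh-ed25519@openssh.com", _ssh_string(b"\x33" * 32) + _ssh_string(b"ssh:")),
}

if __name__ == "__main__":
    for name, line in SAMPLES.items():
        print(name, parse_pubkey(line), assess(line, age_days=400))
```

Running it shows the asymmetry the comment describes: the sk-ssh-ed25519 key is kept at any age, the 2048-bit RSA key is rotated immediately on strength grounds, and the ecdsa-sha2-nistp256 key is rotated once it passes the age limit even if it was in fact generated in a Secure Enclave, because nothing in authorized_keys distinguishes it from a software key.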
Do non-technical users know how to operate a secure element? Is that an encrypted home drive on a laptop protected by a weak password?
I appreciate your input, but I still think 2FA is the most secure and usable method for non-technical people. Of course, no SMS (at least outside the US).
There are a lot of commercial solutions out there, but for those of us with macs and without control of our org's IT spend, there's Secretive [1], although it lacks a way to prove that a key is hardware backed.
Perhaps I'm overlooking something?