It's great that HubSpot supports several different types of 2FA including authentication apps but most of these are phone based.
Phone based systems are increasingly vulnearable to hacking (digitally, physically, and human engineering).
While no system is perfectly secure nor perfect for every use but hardware based solutions like Yubikeys are an affordable highly secure way to implement 2FA.
A million upvotes for this! Another reason for implementing this option is to provide additional options for those companies whose employees do not have company provided mobiles and do not wish (or are not authorised) to have company apps/communications on their personal phones.
Agree we are moving away from phone related MFA due to the weakness of this and users in roles with high risk data such as data held in HubSpot are moving to YubiKeys for protection as we go forth so this would be great.