Hardware tokens like Yubikey are resistant to phishing attacks for example. They also need physically attached to the device, you can hold keys offline etc.