FIDO2 is already inherently 2FA. The hardware token is something your
have and the PIN or biometric that unlocks that specific token is
something you know or something you are. FIDO2 intended to be used
instead of a password, not with one. Microsoft ...
