If I can't log in with a yubikey or a TOTP time-based authentication token, I suspect that the organization doesn't take security very seriously. Ultimately there needs to be a private key involved, not punting to a third party.