Funny how the mindset is that if we simply controlled/hosted the software/authenticator, we'd be secure. Keep in mind the average company is not very secure, and whether they use Yubikey or whatever, the attacker just has to hack the authentication server and they can generate however many Yubikey passwords they want. So there is still a single point of failure, and now it's the complete responsibility of the customer's IT dept.

Some people use a safe deposit box at the bank because they trust that the bank will keep stuff safer than they can. It's a personal decision. Neither is better or worse, smarter or dumber.

Funny how people gravitate to sinister motives and conspiracy theories. Has any stopped and thought about all the companies that don't even have a process to backup seed records? What happens when they lose that CDROM or whatever the records are held on? I bet they call RSA to give them a copy of the records. If RSA tossed the records, then anytime a customer loses the records they end up with a useless pile of fobs.