I don't download my email. I have a webmail for a reason - I don't want a mail client with all its attendant files gumming up my PC. I moved off Netscape Communicator to webmail because it took up over 40% of my drive, and I've never regretted the decision.
And I don't like 2FA either. It's a hassle and never, ever, worth my time or energy. There was one gaming service (I think it was an MMO) that demanded 2FA or bust. I don't use that service and never will.
That seems to be a rather dangerous position to hold these days. I personally dislike that googles 2FA is SMS based (unless there's a way to use e.g. Authy with it that I'm unaware of), but still seems that the only way to be reasonably safe is a strong password and 2FA.
I'll add that The authy app on the Apple Watch has made 2FA for services that support it rather painless.
Google does allow other apps (I think it is still same as GAuth) SASS pass and other authenticators with good. But yes they don't allow other token provides like Yubikey or RSA fobs
Google is one of the major proponents of U2F, which is based on hardware tokens. Yubikeys support it, either the cheap U2F-only one or a Neo / 4. I use it and it works flawlessly. At the moment, only Chrome implements the required APIs as far as I know, but Mozilla is working on adding it to Firefox.
> But yes they don't allow other token provides like Yubikey or RSA fobs
I think this is incorrect, at least provided you're using Chrome. The implementation was buggy somewhere in the chain the last time I tried it, but it's there.
And I don't like 2FA either. It's a hassle and never, ever, worth my time or energy. There was one gaming service (I think it was an MMO) that demanded 2FA or bust. I don't use that service and never will.