
Isn't availability usually from the service still being accessible in a technical sense? Password lockout policies will also result in people being locked out often until manual review or the use of some (hopefully secure) second factor. With hardware tokens there just needs to be an established - and efficient - process to replace them or allow access on an ad-hoc basis for exceptional cases (a bit iffy perhaps but also possibly necessary given practicalities). There's no dispute that passwords mean you don't have to worry about things like what USB ports your laptop has, but that's mainly because of the fact they're just strings that you type in which is also their entire issue for phishing/hacking etc.

Either way, availability can be compromised by a hack due to passwords being phished and I think I'd prefer dealing with hardware tokens than the fallout of being phished or otherwise suffering credential compromise. That said at this point I probably wouldn't issue hardware tokens en masse until proper processes are in place to manage them (and their loss/breakage/etc) - it's certainly not solved to my satisfaction yet.


