Passwords are very insecure so it’s best to use 2-factor-authentication whenever possible. The common options are “send a text to my phone” to verify it’s me or use some app like Google Authenticator, Authy, or another trusted device.
Some recent high profile hacks were done by hackers obtaining a SIM card with your phone number and using that to bypass your two-factor-authentication. That’s how, for example, Twitter’s CEO’s twitter account was hacked.
YubiKey is a new-age old-schooly option. You forget passwords. And just use a physical key as your authentication device. This physical key in bubble-wrap is my “password” for everything. And there’s only one copy of it. So we go back to the old way, use a physical key to get into things. What’s a password anyway!