I have 2 Nitrokeys 3Amini.
They can be used to securely store encryption keys, and also include a secure element.
They are FIDO2 certified so they support challenge responses etc (I am not too much into this).
They also include a secure element, which can be used for encryption key generation and more.
I imagine it would be a really good and affordable hardware upgrade to plug in a key, and to support it software-wise.
What do you think? Does it make sense?