Hardware 2FA Keys vs Software Authenticators: Which Protects Your Crypto Best?