Shoulder surfing

I am looking to reduce the risk of ‘shoulder surfing’ by using a key so in the case someone knows the password (keylogger, shoulder surfing) they still need the physical key in order to obtain access to:

Bitwarden Password manager
Protecting Elektrum seed / password (in one case)

Some of these offers are ‘passwordless’ while others seem to work with a pin, that can be circumvented with the passphrase if you do not have the key at hand.

What key and setup would be the best defense against shoulder surfing?