Gmail – Options for 2nd Factor using corporate Gmail

I'm working from a corporate account. The company uses Google's services. The account is only password protected. I use Opera when accessing this account.

I have a personal, throwaway Gmail account that uses GAuthenticator. I use Firefox when accessing this account. The separate browsers ensure segregation of personal and corporate data.

I want to add a second factor for the corporate account. Rather than a phone app like GAuthenticator, I want to use a token generator like RSA SecurID or Yubikey for one time passwords (or another OTP/token generator).

The problem with the above requirement is Yubikey only works in Chrome, and not IE, Firefox or Opera. Plus, Yubikey requires a USB port, which phones and mobile usually (often?) don't have. So Yubikey is really not a viable solution/alternative.

There are three questions here:

1. Does corporate Google services support second factor (besides GAuthenticator/Yubikey) generated from a dedicated token or key fob – and displayed to the user – that I can use with any browser or device?
2. If so, what is it?
3. How do I get Google to enable it on the corporate account?

For (1) and (2), I am wondering what the options are. I am interested in token generator/key fob options that displays the one-time password that "just works".

For (3) I am wondering how to do it. Do we have to send in a request to enable a particular Pluggable Authentication Module (PAM)?

Related:

I use two browsers because trying to use two instances of the same browser is absolutely broken. Google insists on corralling all accounts into a single looking pane. So trying to log in with one account in one browser, and the other account in the other browser breaks sessions in both instances.

GAuthenticator is good if you have one account and one device. But it fails miserably if you want to install the app on multiple devices (or I have not figured out how to do it, even though I printed the bar code). And I don't want data from two different accounts commingling on one app. If something happens to my only Gauthenticator app, then I lose access to all accounts.