In theory yes.
Hardware tokens are bound to keys
Software baes tokens can be synced with password managers (3rd or 1st party)

And the client cert abandonment problem is an entirely other issue.