Having noted Brink's tutorial here ...
Set Up Security Key to Log into Apps in Windows 10
And especially the opening lines ...
A security key (ex: YubiKey) is a physical device that you can use instead of your user name and password to sign in. Since it’s used in addition to a fingerprint or PIN, even if someone has your security key, they won’t be able to sign in without the PIN or fingerprint that you create
I have bolded two words because I am puzzled.

Have two Dell laptops with 20H1 up-to-date.
Have tried to use "Sign-in Options > Security Key > Manage" but do not understand the outcome/results of doing that.
All apparently goes well (key inserted, clicked, accepted, all fine and dandy it seems).
But then dont see how I can use this key.
A restart only allows the standard password login/fingerprint/pin (one machine has all three while other only has password).
Inserting key has no effect on either machine.

Have read that Azure/Enterprise is currently only options that support these keys ?
So why can I set this up but not use it ?

Any ideas if this is coming to ten or eleven ?

Reasoning ..... I will have to login to one machine frequently in a room full of "younguns" doing IT ... so they have an "interest" in passwords and security and eyes in backs of heads.
Current workaround is Raptor but still practising to get the set-up correct as Ctrl/Alt/Delete has spat out the Raptor settings once ... so am testing again.
It (Raptor) does exactly what I want but just inverts it ....
.... encrypted usb key inserted = machine unlocked ...
.... remove key = machine locks.
No need to type in a password which can be seen as typed.

Further puzzle is that after setting up security keys the option to 'remove' is not there and there is no note to say that it is already set-up (as there is with password).