This type of authentication uses something that you have as the authentication tool, usually ID-card or keys. This type of authentication is definitely stronger than the authentication by ‘something you know’ in my opinion because the attacker need to steal the tool used for the authentication before he/she can authenticate himself/herself. And when we keep the thing required for the authentication very securely its almost impossible for the attacker to authenticate himself/herself as ouself. So, the point to make this kind of authentication is save is to save the authentication tools itself. Keep your ID-card and keys save, out of the reach of the unwanted people. Sometimes you have more than one keys, make sure that the other keys is saved securely.
The difficulty of having this kind of authentication is when the tool used for the authentication is lost or stolen. Well, I think lost is better than stolen. Just hope that the person who will found it is a good person. If not then its the same as stolen because the person who found it will have ‘something you have’ that used for the authentication. Keys also can be duplicated, so don’t lend it to anyone easily. Although keys nowadays is very difficult to be duplicated because of the complexity of its curve. But I think its still not impossible for someone to duplicate it.