Ignore the ratings, just install the token.

I've personally been using it since it came out (3+ years) and never had a problem. I also haven't bothered to review it either, I probably should, but I'm guessing like most people it just works for us so we just use it and don't even think about that.

SE give you an emergency removal code to write down/make a note of and despite this, and regular reminders via email/launcher, but still a lot of people don't write this down and complain when they change/lose/upgrade phone and lock themselves out.

If you install operating system updates to your phone they're a chance it'll wipe the data the security token needs (really depends on the update), but if you have the removal code you just go to the special site, remove it and readd. Personally never had that happen though, but I can see why it might happen.