And U2F tokens, which are even better than TOTP as they are immune to phishing. TOTP codes can be and commonly are phished.
U2F is the current state of the art for 2FA. App/Device-based 2fa (krypton, Google App’s “approve on other device”, authy’s “approve on other device”, keybase, et c) are second.
TOTP is in a lot of ways more trouble than it is worth.
U2F is the current state of the art for 2FA. App/Device-based 2fa (krypton, Google App’s “approve on other device”, authy’s “approve on other device”, keybase, et c) are second.
TOTP is in a lot of ways more trouble than it is worth.