What is the threat model where an attacker gains access to your 1Password vault in a way that gives them only a single OTP code and your password, and not the underlying symmetric TOTP key?
I think the point wasn't that 1Password TOTP is more secure than a separate TOTP device, probably even less secure than typical alternatives, but it is present, convenient, automatically backed up and safer than just a password.
- Attacker looking over your shoulder as you enter your password
- Company MITM breaks open SSL encryption and reveals your password.
Obviously, if someone breaks into your 1Password it’s game over.