by KronisLV 1353 days ago
> I don't use my phone to log in to anything. All my stuff is done on a computer with a password manager.

More or less the same, except that I haven't found good TOTP solutions for the desktop, to the tune of KeePass (something that can run on Windows/*nix instead of making me use something like FreeOTP, Google Authenticator or other Android/iOS apps; or in addition to the mobile apps).

That said, even with multiple Google accounts for different things (e.g. personal e-mails, file storage, cloud services etc.) it feels like eventually you might want something like Qubes OS, another way to run multiple separate VMs, or just use separate devices for separate use cases.

Much like how some orgs have separate laptops for accessing prod environments, that are more tightly controlled, even though that's not convenient enough for most people.

4 comments

KeePassXC supports TOTP. Right-click a key, TOTP→Set Up TOTP... and put in the secret key (and settings if needed).
Thanks, this seems like the solution with the least friction for someone who's used to KeePass! A lot of other good solutions in the sibling comments as well, actually.
I do TOTP on desktop Linux with Firefox, browserpass and pass.

https://github.com/browserpass https://www.passwordstore.org/

Bitwarden will do TOTP, and its CLI tool is quite usable. If you want it fully local, just stand up a docker of their server software (which is open source) or the open source reimplementation (vaultwarden).
> Bitwarden will do TOTP

Not disputing this, but it requires a “pro” account which is $10 a year.

No big deal to me, in fact I find it a great deal, but I think it’s fair to be clear about this so as not to provide false expectations.

Fair. And self-hosting an instance in the cloud is probably comparable in cost.
Depending on your setup you could just generate TOTPs on the command line and copy to clipboard, that's what I've implemented: https://github.com/Ciantic/totper

It works pretty well with pass (password manager) that stores each individual entry in a GPG-encrypted file. GPG is a pain, but if you happen to use it already then it works.
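
Added example, not part of the thread and not code from any of the tools linked above: a minimal RFC 6238 TOTP generator of the kind a command-line setup relies on, using only the Python standard library. It assumes the secret is kept either as a bare Base32 string or as an `otpauth://totp/...` URI (the format authenticator QR codes encode); the function names and the sample URI are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import urlparse, parse_qs


def totp(secret_b32, at=None, digits=6, period=30, algorithm="sha1"):
    """Return the RFC 6238 code for a Base32 secret at Unix time `at`."""
    # Secrets are often displayed lowercase, spaced and without padding.
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    key = base64.b32decode(cleaned)
    now = time.time() if at is None else at
    counter = int(now // period)  # number of time steps since the epoch
    mac = hmac.new(key, struct.pack(">Q", counter), algorithm).digest()
    # Dynamic truncation (RFC 4226): low nibble of the last byte is the offset.
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % 10 ** digits).zfill(digits)


def totp_from_uri(uri, at=None):
    """Generate a code from an otpauth://totp URI, honouring its parameters."""
    parsed = urlparse(uri)
    if parsed.scheme != "otpauth" or parsed.netloc != "totp":
        raise ValueError("not an otpauth://totp URI")
    params = {k: v[0] for k, v in parse_qs(parsed.query).items()}
    if "secret" not in params:
        raise ValueError("URI has no secret parameter")
    algorithm = params.get("algorithm", "SHA1").lower()
    if algorithm not in ("sha1", "sha256", "sha512"):
        raise ValueError("unsupported algorithm: " + algorithm)
    return totp(params["secret"], at, int(params.get("digits", 6)),
                int(params.get("period", 30)), algorithm)


if __name__ == "__main__":
    # Constructed sample: Base32 of the RFC 6238 test key "12345678901234567890".
    sample = ("otpauth://totp/Example:alice?secret="
              "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example")
    print(totp_from_uri(sample))
```

The secret is the only thing protecting the second factor, so it belongs in the same encrypted store as the password entry rather than in shell history or a plain-text file.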