by hnlmorg 861 days ago
TOTP 2FA is terrible for this. I’ll sign into a website, pick my phone up to read the TOTP code, and instead end up on HN or Signal or something. Put the phone down after a couple of minutes, look back up to my computer screen with the 2FA prompt and go “oh yeah, that’s why I looked at my phone”

That happens probably 50% of the time. And I wish that was an exaggeration.

5 comments

This is exactly why I've eventually ended up with almost no notifications on my phone. I am way too susceptible to being distracted mid-task, and the only way I've found to effectively combat that is by aggressively removing those distractions.

Now if only I could turn off the "you must investigate X" shouting my brain randomly throws at me WITHOUT external stimuli.

By which point, of course, your TOTP token has expired. I feel your pain :)
Haha yeah, that’s the most annoying part of it.
And then you get SIM-jacked.
Why don't more sites ask for the username/password and the TOTP code on the same form? Is there a downside to that approach? I've only seen it done that way rarely.
Probably because not all accounts have TOTP enabled, so it would be strange to ask for a TOTP if you don't have one.

Maybe with newer services that require TOTP since day one it's a possibility.

Yep. Switching to phone is instant context loss.
Is there no way to stop Chrome on Android from remembering all open tabs? I find this one of the things that causes distraction from what I was going to do.
Why do you need a phone for TOTP?..