by wepple 808 days ago
TOTP has substantial security gaps that make it a non-starter.

Maybe a pubkey system where you choose your own client would be what you’re looking for?


TLS Client Certs (aka mTLS) are an option for that, but the browser UI for them is terrible and getting worse.
I couldn’t imagine trying to train the general public to use mTLS and deploy that system.

I’m not even sure it is difficult. Most people I’ve talked to in tech don’t even realize it is a possibility. Certificates are “complicated” as they put it.