by mid-kid 532 days ago
The reason I store 2FA codes in my password manager is as a protest against companies forcing me to have 2FA. I don't want to be randomly locked out of my Google account due to not having a usable 2FA, and I also don't want to depend on having a single device always available to provide the codes.

In practice, I feel the main reason 2FA is popular is because people cannot be trusted to create unique and secure passwords for every service. The phishing resistance is nice, but I'd prefer it to be the only credential, and just have it autofilled (making it longer to combat brute force), like what we currently have with password managers...

Here's to hoping passkeys turn out any better.

4 comments

Yes, my point of view is that using a password manager with unique and strong passwords everywhere brings most of the benefits you get with TOTP, and then you can have TOTP for compliance with security policy only.
Passkeys are a shitshow at the moment. I store passkeys in my password manager along with 2FA codes, as it is the only way to make them reasonably usable. And obviously the only other way to manage passkeys is to either rely on a single device, trust big corps and vendor lock-in, or have multiple passkeys on multiple devices/services for the same sites/accounts.
> In practice, I feel the main reason 2FA is popular is because people cannot be trusted to create unique and secure passwords for every service.

Right. This is the killer feature of passkeys.

FWIW, you can store 2FA/TOTP tokens on more than one device. For example, I store many on two separate YubiKeys.

Then again, I only do this for accounts that I really care about; I just keep TOTP in my password manager for accounts that are not worth the effort.