nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqvwr5s27ye0f8a267awgl07zwkwshtqkg9ywnx8ltx2as39v5kcysqycsx6 I considered keepassxc, but I feel like keeping my TOTP on the same medium as my password kinda defeats the point of 2FA. Like yeah, TOTP is time-based, but that's kinda just 1FA at that point
Discussion
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqux2crkcx39gllak7tj5302uf5u4j4ger5p3eyl56dtv4qr44v97sxv9328 just keep a separate database for it. Otherwise onlykey can store like a dozen OTPs
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqux2crkcx39gllak7tj5302uf5u4j4ger5p3eyl56dtv4qr44v97sxv9328 nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqvwr5s27ye0f8a267awgl07zwkwshtqkg9ywnx8ltx2as39v5kcysqycsx6 TOTP is a meme - the only way you have decent security is to have a good password, which keepassxc provides.
Any time you add anything that is not a good password, for example a "TOTP code", you either get no benefit, or *reduced* security.
By definition it's not 2FA but it is better than no 2FA. An attacker can know your passwords but they can't get in unless they also have access to the password manager where your 2FA codes are stored.
You could get the device for the 2FA key for your password manager account. Then the device will also be the key to all your other 2FA codes, kind of achieving what you want.
Bitwarden premium ($10 per year) has good 2FA support and a good reputation.