> - Eavesdropping on you, doesn't happen because you use the password manager's autofill.
I rate this more likely and it’s one reason I still use TOTP stored in the same place as the password for other services.
A lot of sites are susceptible to cdn JavaScript compromises, and at least with TOTP stored in the same place as the password, a password replay attack has a very tight window of usability
I rate this more likely and it’s one reason I still use TOTP stored in the same place as the password for other services.
A lot of sites are susceptible to cdn JavaScript compromises, and at least with TOTP stored in the same place as the password, a password replay attack has a very tight window of usability