Comment by crote

4 hours ago

You are supposed to store the password in a Secure Enclave, which you can only query for the current token value. You are also supposed to immediately destroy the QR code after importing it.

As I already mentioned, the fact that people often use it wrong undermines its security, but that doesn't change the intended outcome.

IMO if it is possible to use a system wrongly which undermines its security, it is already broken.