Comment by labcomputer

1 month ago

> Are there any mainstream websites which only allow a single TOTP token to be enrolled?

I have definitely run into this more often than not. It seems like only the largest and/or most security-focused tech companies allow multiple TOTP secrets. At this point I have made it a habit to ensure the TOTP secret has been stored in more than one place before dismissing the QR code.

Some even restrict you to one of: one hardware security token, one PassKey or one TOTP token.

> The non-disclosure is indeed neat, but the same can be achieved with a password. For example: generate public/private keypair on account creation. Encrypt private key with user password. Store both on server. On auth, client downloads encrypted priv key, decrypts it with user-entered password, then signs nonce and provides it to server as proof of knowledge of user password.

That's basically how PassKeys work, except that the security token's private key is used to encrypt/decrypt the login private key and sign the nonce.