• jsomae@lemmy.ml
    14 hours ago

    TOTP ≠ MFA.

    The purpose of TOTP is to use one-time codes instead of (or in addition to) passwords, and it doesn’t require multiple devices.

    The purpose of MFA is to ensure the user uses multiple devices to log in. In practice, MFA isn’t usually implemented correctly, as it only requires a phone and no other device to log in, so it’s not true MFA. MFA is sometimes implemented with RFC 6238 (TOTP), but for example getting a text message or email with a log-in code is not that.

    Your password manager should use a secure password so that attackers can’t get into it. It’s more secure than a phone, which often uses few-digit passwords or, god forbid, fingerprints or face scans to unlock.
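Since the comment leans on RFC 6238, here is an added example (not the commenter's code) of what a TOTP code actually is: an HMAC over the current 30-second time step, computed from a shared secret. The seed and expected outputs below are the published RFC 6238 Appendix B test vectors (SHA-1, 8 digits); the ±1-step verification window in `verify_totp` is a typical server-side choice, not something the RFC mandates.

```python
"""RFC 6238 TOTP built on RFC 4226 HOTP (added example, not from the original post)."""
import hashlib
import hmac
import struct
import time


def hotp(secret: bytes, counter: int, digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    digest = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = digest[-1] & 0x0F  # low nibble of the last byte selects a 4-byte window
    truncated = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(truncated % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, t0: int = 0,
         digits: int = 6, algo=hashlib.sha1) -> str:
    """RFC 6238: HOTP where the counter is the number of time steps elapsed since T0."""
    return hotp(secret, (int(unix_time) - t0) // step, digits, algo)


def verify_totp(secret: bytes, submitted: str, unix_time: int, window: int = 1,
                step: int = 30, digits: int = 6, algo=hashlib.sha1) -> bool:
    """Server-side check: accept the current step plus `window` neighbours on each side
    to tolerate clock drift. compare_digest keeps the comparison constant-time."""
    for drift in range(-window, window + 1):
        expected = totp(secret, unix_time + drift * step, step, 0, digits, algo)
        if hmac.compare_digest(expected, submitted):
            return True
    return False


# RFC 6238 Appendix B seed (ASCII "12345678901234567890"), used with SHA-1 and 8 digits.
RFC_SEED = b"12345678901234567890"

if __name__ == "__main__":
    # Expected (from the RFC): 94287082, 07081804, 14050471, 89005924, 69279037, 65353130
    for t in (59, 1111111109, 1111111111, 1234567890, 2000000000, 20000000000):
        print(t, totp(RFC_SEED, t, digits=8))
    # Anything holding the seed produces the identical code; the verifier sees the
    # secret, not the device, which is the point the comment makes about TOTP vs. MFA.
    now = int(time.time())
    print("live code:", totp(RFC_SEED, now), "accepted:", verify_totp(RFC_SEED, totp(RFC_SEED, now), now))
```

The same function with the same seed yields the same code on a phone, a laptop password manager, or a server, which is why possession of a TOTP seed is a possession of a secret rather than of a particular device.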