Sorry i misunderstood what you were saying. I thought you were saying that if the password manager was compromised then the attackers would have only 1 minute to make use of the tokens before they change.

But if a password manager is compromised then doesn’t the attacker also get the TOTP key which is what generates the codes in the first place?

It wouldn’t matter if it expires in one minute because they’ll have the token to generate the next code, as well as now knowing the password.

Now try migrating all your docker containers to podman.

Why do you need yet-another-separate app?

To keep your two factor codes and passwords separate in the event that your password manager is breached.

Also if you need a 2FA code to log into your password manager, how are you going to get it if its in the password manager that you can’t log into without the 2FA code inside it?

Why would oil tanker crews (which are more than likely made up of non-americans) care about “showing some guts” just so some American gas guzzlers can have cheaper fuel?