
Or have the ability to run code on your computer, in which case they’d just wait until you enter the private key password and then steal all your TOTP secrets.

Having your TOTP secrets on a unique device means that an attacker in that scenario (access to your endpoint) could steal a single TOTP code for the single site, but wouldn’t be able to steal the seed secret itself.
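The difference between capturing one code and capturing the seed, as an added example that is not part of the original comment. It uses the published RFC 6238 test seed and timestamps as constructed sample input; the function names are illustrative.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step (RFC 6238 default)

def totp(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (RFC 4226 dynamic truncation)."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(seed: bytes, code: str, unix_time: int,
           digits: int = 6, window: int = 0) -> bool:
    """Server-side check: accept codes from +/- `window` time steps."""
    return any(
        hmac.compare_digest(totp(seed, unix_time + d * STEP, digits), code)
        for d in range(-window, window + 1)
    )

# Constructed sample: the published RFC 6238 test seed, not a real secret.
SEED = b"12345678901234567890"

def demo() -> dict:
    captured = totp(SEED, 59, 8)  # a single code observed at t=59
    return {
        "captured": captured,
        # The captured code is accepted only inside its own time step.
        "valid_same_step": verify(SEED, captured, 59, 8),
        "valid_later": verify(SEED, captured, 1111111109, 8),
        # Whoever holds the seed can derive the code for any future time.
        "seed_holder_future_code": totp(SEED, 2000000000, 8),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```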


