Check out 1Password for 2FA management. It's extremely well done. When it auto-fills your user/password, it also puts your 2FA code into your clipboard so you can just paste it in on the next page.

Alternatively, and if the form supports it, you can use the share sheet on iOS to get 2FA auto fill from 1Password.

>Authy (arguably more secure)

What's the argument ?

>Would be cool if this somehow cleaned up the whole process.

Everyone, just leave 2FA alone. No sms. No custom garbage that sends a push from a cloud and uses a blob on the device. Use TOTP. It's simple and easy. If you want fancier phishing protection, optionally add the newer fido2 or whatever the newer standards end up being. Just no custom garbage.

For regular users TOTP isn't simple:

* you have to install an app, but you can't tell which app you're meant to use

* you have to configure the app with whatever your signin service is

* If you ever delete the app (something that is generally not harmful) you lose the ability to sign in, and reinstalling frequently does not bring back your old authorizations.

But yeah, SMS 2fa is garbage from a security stand point (and will remain so until carriers can be held liable for costs from transferring your number without your authorization), but it is usable and is leaps and bounds better than nothing at all, which is what users will do if you make 2fa hard to set up.

Little beyond me on why It’s considered more secure. Just what I read a while ago.

I just want cleaner integration for the user. Don’t care about messing with it

Yubikeys are great, but perhaps out of scope of this discussion.