zlacker

I was wondering the same thing - here's an article I found that describes both approaches. Not being in the cryptography space myself I can't comment on how accurate it is, but passes my engineering smell test.

https://blog.trezor.io/why-you-should-never-use-google-authe...

Edit - sorry that this is really an ad for the writer's products. On the other hand, there's a hell of a bounty for proving them insecure / untrustworthy, whatever your feelings on "the other crypto".

>>jaycro+(OP)
Yeah these are very dumb arguments against TOTP.