If the TOTP secret key is stored in the user's home directory, then this only makes sense for login authentication, but not for sudo: an attacker with access to the user's terminal can simply replace the secret key and…
If the TOTP secret key is stored in the user's home directory, then this only makes sense for login authentication, but not for sudo: an attacker with access to the user's terminal can simply replace the secret key and…