1) OTP _is_ the standard MFA. You have the choice between software and hardware solutions. Complain to companies still using SMS/Email/etc for second factor. Loudly, please.
2) Use a proper password manager to store your OTPURI and generate the tokens, as well as for storing your recovery codes. I'd recommend gopass if GPG, self management, and VCS sounds appealing, and 1Password if you'd rather have someone else handle the technicals. 3) WEB3 aims to provide such decentralized login based on some device you control as you are saying you want. Whether or not it replaces the current authentication model is another matter entirely.
