I put my TOTPs in Google and Microsoft authenticators for double-redundancy. On two separate handsets. Then I have someone else I trust implicitly scan the QRs too and have them on their phone.

I've been burned too many times.