
Most of the security benefits of TOTP are really for the service providers. Service providers get blamed when users are hacked because they used the same weak password across multiple websites. With TOTP the service provider chooses the key the codes are derived from, so the user cannot choose a stupid one.

Most of the other threats that people talk about TOTP fixing are movie plot threats and not ones that happen in the real world to ordinary people. The only major exception is that webauthn prevents phishing, but TOTP cannot help with that.
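An added illustration of the point about the provider choosing the key (not code from any commenter): the TOTP secret is generated server-side from a CSPRNG and the codes are HMAC-SHA1 derived from it per RFC 4226/6238, so nothing about the code's strength is left to the user. The 20-byte test secret is the one published in RFC 6238.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time

# RFC 4226/6238 reference secret ("12345678901234567890"), base32-encoded.
RFC_TEST_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def generate_secret(nbytes: int = 20) -> str:
    """Service-side: a high-entropy secret the user never picks."""
    return base64.b32encode(secrets.token_bytes(nbytes)).decode()


def hotp(secret_b32: str, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamic truncation."""
    key = base64.b32decode(secret_b32, casefold=True)
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret_b32: str, for_time=None, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    if for_time is None:
        for_time = time.time()
    return hotp(secret_b32, int(for_time) // step, digits)


def verify(secret_b32: str, code: str, for_time=None, step: int = 30,
           window: int = 1) -> bool:
    """Server-side check that tolerates +/- `window` steps of clock skew."""
    if for_time is None:
        for_time = time.time()
    counter = int(for_time) // step
    for delta in range(-window, window + 1):
        # Constant-time compare so a wrong guess leaks nothing about the code.
        if hmac.compare_digest(hotp(secret_b32, counter + delta), code):
            return True
    return False


if __name__ == "__main__":
    # Enrolment: the service mints the secret and shares it once (QR code).
    shared = generate_secret()
    print("provisioned secret:", shared)
    print("current code:", totp(shared), "valid:", verify(shared, totp(shared)))
```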



Arguably storing TOTP tokens in your password manager does provide a level of protection against phishing.

You might fool me with that phishing page, but you won't fool my password manager's autofill. It would have to be a full-on MITM or DNS poisoning for that to work, which is already more of a movie plot.


Sure, but that is true of your normal password as well. It doesn't add any additional security.



