Key-logger on the box your soft cert is on. Soft cert is compromised immediately, fully, and permanently. And you might never know. With email/sms, at least it's possible for you to realize they're compromised, and with TOTP the underlying keymat is likely not on the device so the attacker has to repeatedly win the race.
More importantly, this is also a false dichotomy, as the correct answer here is hardware protection of the private key, e.g. yubikey.
> Key-logger on the box your soft cert is on. Soft cert is compromised immediately, fully, and permanently.
That essentially means the entire machine is compromised and logging into any service would allow the adversary to access them. That would compromise the email and SMS routes. If they have root access to my phone (or whatever I use to store the TOTP secret), that would allow them to generate the correct one time token to log into any service that I use TOTP 2FA with.
> With email/sms, at least it's possible for you to realize they're compromised
That's assuming I check carefully and often enough. If someone brute-forces my password over IMAP, then they could read my messages without me ever knowing. But I could always check the process list on my computer to determine if a keylogger is installed.
> and with TOTP the underlying keymat is likely not on the device so the attacker has to repeatedly win the race.
It depends on the application. If someone got access to my phone, they could easily get the TOTP secret out of my GAuth app.
> the correct answer here is hardware protection of the private key, e.g. yubikey.
Except that it's not universally supported. It's not going to work with my email client nor will it work with my IRC client.