The reason you really should use U2F/WebAuthn is that it does origin binding, which, unlike entering a TOTP (a code from your hardware token, authenticator app on your phone, SMS, etc.), makes it not phishable, i.e. you can't enter it by accident on accounts.google.com.totallylegit.ru and then have them enter it on the real accounts.google.com. This is so because the U2F/WebAuthn security key signs a request, sent by your browser, that embeds the requesting page's domain, so a signature made on attacker.com will not pass victim.com's verification checks, whereas a code from your authentication app is trivially copied.

HN