I do not think that OTP are a replacement for passwords as they are two different levels of security. Passwords is something a user knows while OTP is something a user has. I'll have to think about this as a OTP and Passkey cover the same level of security but with different approaches. Passkeys are much more secure than OTP and it baffles me that financial institutions haven't moved over to this technology. I know of someone who was recently social engineered to provide their OTP to a bad actor and they had their bank account drained. The same situation would not have happened if the bank had implemented Passkeys as they are not something that can be shared.