This is a companion discussion topic for the original entry at https://www.youtube.com/watch?v=epiduqAStlE
The best thing about this is that a very large amount of Android users are storing their account passwords on their Google account as well. So now Google not only has all the passwords to their accounts but also their TOTP seeds, all in a centralized location.
There’s no reason to use Google authenticator when much better options exist. The only problem is that the avg person is extremely naive when it comes to cybersecurity and privacy (probably tech in general). Social engineering is effective because people, including those working in a tech related field, don’t care much about their security and privacy.