To keep track of which of my accounts use which 2FA methods, I’ve used my password manager’s custom fields option (probably available in most standalone password managers) to mark each potentially important account with an importance value (as in, how bad is it to lose access to this account), and separately with a 2FA value to indicate which 2FA method it is using.
Regarding TOTP not protecting against fake websites: there are TOTP apps with autofill, which is at least some protection in this scenario.
To keep track of which of my accounts use which 2FA methods, I’ve used my password manager’s custom fields option (probably available in most standalone password managers) to mark each potentially important account with an importance value (as in, how bad is it to lose access to this account), and separately with a 2FA value to indicate which 2FA method it is using.
Regarding TOTP not protecting against fake websites: there are TOTP apps with autofill, which is at least some protection in this scenario.