While having them grouped together in bitwarden creates a single point of failure, it does not undermine the value of TOTP too much.

TOTP being about having two separate parts of the auth process is not its whole application. What TOTP is about is having a part of your auth that is One-Time-use, so even if your password got leaked/hacked/intercepted it is worthless to an attacker.

Pretty sure they blocked that no internet option too, though Rufus has a checkbox to re-enable it.