How much we care about trying as users to keep our accounts secure, the websites aren’t that good to keep our data secure. How many data breaches we had in last 5 years that affected all of us. I feel like at least a few affected me.

So in that case storing OTP with passwords or don’t does not matter.