Pro:
• stored safely on protected hardware
• secret "cannot" be extracted
• can access TOTP codes from an untrusted device, e.g. if my phone's battery is empty
Con:
• backing up the secrets is "not possible"
• having a second YubiKey for redundancy is recommended, but both need to be present when setting up a new secret (or you need to store a copy of the secret somewhere else)
• only has 32 slots (but I only have 23 TOTPs atm)
