An interesting revelation I had when talking to nostr:nprofile1qqsglv2qkn5dmmuhee9cy8fywfu2rfp4xd3xy0myqg2gfvmjl9yqqrqppamhxue69uhk2tnwdaejumr0dsq3qamnwvaz7tmwdaehgu3wd3skueqpz3mhxue69uhhyetvv9ujuerpd46hxtnfduekf372 about nostr.build's new OTP using NIP-17 Giftwrapped DMs:
The OTP code is sent to the user only. The sender/server doesn't store a copy of the code. That is impossible to do on NIP-04.
If you send OTP via NIP-04, whoever has access to the sender's key can decrypt and see all the codes. If you use NIP-17 DMs, the code is sent to the user and deleted from everything else.