Drop all that
Authy user here, because of the convenience of SMS, with the knowledge that the private keys are mine. It survives across resets, and I can satisfy my ADHD by having it on multiple devices easily.
Ideally, SIM swapping should be fixed.
Getting an SMS to show that I'm in possession of my phone is very convenient, and it seems easy to implement at the login provider end even when they have code monkeys (a totally different security issue altogether)
It also works on dumbphones, for those who don't want to be tracked by Zucky, Gates, et al.
It is universally understood by people who otherwise don't know their Google from their Facebook.
The processes and PSAs should be as simple as a 5 year old can understand ("don't talk to strangers who call you out of the blue claiming to be from your bank, phone company, utility, dentist, child who's had an accident, investor who has the latest scheme to make you money, etc.) and the professionals can stand behind of.