
Google provides backup keys you can print out and place in a safe. I find that to be the best solution generally.

I also think there is room for different methods for different services. For work accounts, I can contact my boss and have them ship me a new hardware token if necessary, losing only a day or two worth of access (it is even possible for the company to temporarily remove the hardware token requirement, or to allow me to enroll a hardware token I can purchase locally if necessary). That may work okay for a bank account too, where the bank can verify my identity.

For services with no human interaction, pre-generated backup codes seem the most sensible to me.



I was relying on backup codes until I recently learned (via a PSA on HN) that you should actually back up the TOTP QR codes and not rely on the 2FA backup codes, because they may not provide the same level of access.

Specifically, the HN post's claim was that using a backup 2FA code to get into your Google account won’t allow you to add a new authenticator app.



