The same thing that stops the user from going through an account recovery flow to enroll an attacker's key. Such flows are of course more necessary in a world where you can easily lose/damage the only place where your keys are stored.