The whole point of 2FA is that once you lose possession of your physical second factor, you lose access. If you can maintain access after losing the hardware, you've just added a second password. SIM swapping attacks have proven very effective at showing how easy it is for someone to bypass SMS 2FA. It's better than no 2FA, but it's the worst second factor out there.
If you don't want to lose access after losing your second factor, you don't want two factor authentication. Trying to make 2FA something it's not only muddies the waters and makes things annoyingly confusing.
I don't think "I know someone whose phone can't handle a 2MiB TOTP app" is a good reason not to offer real 2FA on a website. Sure, offer SMS codes for people who don't care much about security beyond ticking auditor boxes.
If you don't want to lose access after losing your second factor, you don't want two factor authentication. Trying to make 2FA something it's not only muddies the waters and makes things annoyingly confusing.
I don't think "I know someone whose phone can't handle a 2MiB TOTP app" is a good reason not to offer real 2FA on a website. Sure, offer SMS codes for people who don't care much about security beyond ticking auditor boxes.