Due to potential flakyness of this 2FA method, let’s consider (2FA) account recovery.
If someone is a known person or pseudonym, having a usually used e-mail address and OpenPGP (or signify or otherwise) signing key, should I trust that signing key in if there ever is a request to disable 2FA?