Make recovery keys optional
It would be good if the creation of recovery keys before setting up 2FA is made optional. Maybe it can give a warning if you try to set up 2FA without them, but allow you to proceed anyway.
Reason being that we can always reset accounts for people via out of band communication. And storing recovery keys (even if the user never saves them) could potentially be a risk.