Ackermann Yuriy
Nov 11, 2021


Yes, you can have a lot of complicated flows that negatively affect UX.

Regarding the TOTP-like solutions, I do not think they are that much more insecure, regarding key material, than a corresponding platform authenticator. You could have hardware-backed crypto and use it to encrypt the HMAC secret, same as the private key for a FIDO2 platform authenticator. So that's not a point of argument.

ALL non-FIDO solutions are susceptible to phishing. So there is not much point in arguing what is a full factor and what is a half factor. None of it matters. They are legacy authentication solutions and should just be treated as something to move away from.
