Add 2FA-lite for new devices only, more secure than no 2FA, less secure than full 2FA.
This 2FA-lite could be a “New Devices Only” checkbox while managing the Email 2FA or it could be a separate 2FA type.
2FA-lite would also work well with a new “grid” challenge as LP has.
To add to this, I manage my elderly parents accounts under a family plan. With Lastpass I was able to setup ONLY THEIR 2FA so that it was only required on FIRST login from a NEW device. This was specific to their users and all other users were required to re-enter 2FA every 30 days. This meant their account was protected by 2FA, but didn’t require them to re-enter it unless they change to a new device. Made things a lot more secure than having them get locked out of their password manager, and default to using terrible passwords from memory like “password123”.