This feature is really just an alternative 2FA pattern. You can only add a new device if an existing device allows it. Yep 2FA.
I can understand how someone may like this alternative, but I think from a UX standpoint, it’s really just the same as sending a prompt to an authorized device asking if you’re trying to log in. Because in the end, that’s exactly what’s going on.
Personally, with U2F around the corner, if it’s WebAuthn+PIN, that is pretty much the best you can get. I would trust my YubiKey more than any computing device that can have malware installed.
I will agree that it is nice for people to have viable options. I would say that when a new device wants to authorize and existing devices are connected, then possibly the option of requiring the masterpass or pin.
The real question is how to handle the situation of all devices being inaccessible. Possibly a configurable idle timeout where if no already authorized devices respond to an authorization request, the new device is allowed. But of course, if the real user still has access to their device, they can reject the request. You’ll want some sort of rate-limiting so a user doesn’t get spammed by requests if under attack. Maybe an option to block all requests for X amount of time.
Also, since this really is just yet another form of 2FA, it should be treated just like 2FA. Maybe even the option of configuring which devices can act as 2FA. For example, maybe I don’t want my work computer to function as a 2FA device, but my cellphone can. Less of a “disable new devices” and more of “notification 2FA”. It really is the same thing. A rose by any other name and all that.
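The approval flow proposed in this post (prompt to existing devices, idle-timeout fallback, rate limiting, a temporary block, and a per-device 2FA role), sketched as an added example that is not part of the original post and not any product's code. The class name, method names, return strings and default values are all hypothetical, and time is passed in as plain seconds so the logic can be followed by hand.

```python
from dataclasses import dataclass, field

@dataclass
class DeviceApprovalPolicy:
    # All names and default values here are hypothetical.
    approvers: set = field(default_factory=set)  # devices allowed to act as 2FA
    idle_timeout: float = 3600.0  # seconds of silence before a request is allowed
    max_requests: int = 3         # prompts permitted per rate-limit window
    window: float = 600.0         # rate-limit window, seconds
    blocked_until: float = 0.0    # "block all requests for X amount of time"
    recent: list = field(default_factory=list)   # timestamps of recent prompts
    pending: dict = field(default_factory=dict)  # request id -> creation time

    def request(self, req_id, now):
        """A new device asks to be authorized."""
        if now < self.blocked_until:
            return "blocked"
        self.recent = [t for t in self.recent if now - t < self.window]
        if len(self.recent) >= self.max_requests:
            return "rate_limited"  # do not spam the user's devices
        self.recent.append(now)
        self.pending[req_id] = now
        return "prompted"

    def respond(self, req_id, device, approve, now, block_for=0.0):
        """An existing device answers the prompt."""
        if device not in self.approvers or req_id not in self.pending:
            return "ignored"  # e.g. a work computer excluded from 2FA duty
        del self.pending[req_id]
        if approve:
            return "allowed"
        if block_for > 0:
            self.blocked_until = max(self.blocked_until, now + block_for)
            self.pending.clear()  # assumption: a block cancels open requests
        return "denied"

    def poll(self, req_id, now):
        """State of an unanswered request; silence past idle_timeout allows it."""
        created = self.pending.get(req_id)
        if created is None:
            return "unknown"
        if now - created >= self.idle_timeout:
            del self.pending[req_id]
            return "allowed"
        return "pending"
```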