Secure access to backup 2FA codes
Hello gamers,
I realized that access to backup codes is really simple and not really secure if you ask me. To clarify for those who don't know, backup codes are a bunch of codes used to recover the account when we lose our 2FA authenticator (for example: we got a new phone and lost the old one which had the 2FA authenticator on it).
If someone who shouldn't have access to our account somehow gets access to one 2FA backup code and logs in to our account, they have full access to everything in our account, because 2FA backup codes are secured only with our account password.
I'd like to suggest something more than just a password, maybe a code sent to our phone (you already have your phone number connected if you have 2FA) or a verification code on e-mail.
This should help people who are losing access to their accounts, because 'hackers' wouldn't have easy access to the backup codes in order to change the rest of the account details.
I already lost one account, and because of the low protection of backup codes, I lost it completely. Also, I feel like a phone number doesn't give you any additional protection / ways to recover your account. I remember when my account got stolen, it still had my phone number connected to it, but the e-mail address was changed. I tried recovering it with my phone number but I only got a text from Discord that an email was sent. No code or anything, just "Your Discord password reset link was sent to your email. Please check your email to reset your password." That's not helpful at all if you ask me. At least my stolen account got deleted, so that's good.
Anyways, what do you think about extra security for our backup codes? I feel like a phone number should play a bigger role in account recovery/protection.
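The gating this post asks for, sketched as an added example (this is illustrative code, not Discord's): backup codes are kept only as keyed hashes, each works once, and regenerating them requires the password plus a recently confirmed second factor (a phone or e-mail code) rather than the password alone. The `STEP_UP_MAX_AGE` and `CODE_COUNT` values and the in-memory vault are assumptions for the example.

```python
import hashlib
import hmac
import secrets

# Assumed policy values for this example; a real service would tune these.
STEP_UP_MAX_AGE = 300      # seconds a fresh second-factor check stays valid
CODE_COUNT = 8             # backup codes issued per regeneration


class BackupCodeVault:
    """Account-side model of backup codes: stored only as keyed hashes, single-use,
    and regenerated (the only time they are shown) after password AND a fresh second factor."""

    def __init__(self, server_key: bytes, password: str):
        self._key = server_key                      # server-held secret, assumed
        self._salt = secrets.token_bytes(16)
        self._pw_hash = self._hash_password(password)
        self._code_hashes = set()
        self._last_step_up = None                   # time of last phone/e-mail code check

    def _hash_password(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def _hash_code(self, code: str) -> str:
        # HMAC with a server key, so a leaked table alone cannot be brute-forced offline.
        return hmac.new(self._key, code.encode(), hashlib.sha256).hexdigest()

    def confirm_second_factor(self, now: float) -> None:
        """Called once the user has proven possession of their phone or e-mail."""
        self._last_step_up = now

    def _step_up_is_fresh(self, now: float) -> bool:
        return self._last_step_up is not None and 0 <= now - self._last_step_up <= STEP_UP_MAX_AGE

    def request_regeneration(self, password: str, now: float):
        """Returns (status, codes); codes are only ever shown at generation time."""
        if not hmac.compare_digest(self._hash_password(password), self._pw_hash):
            return "password_rejected", None
        if not self._step_up_is_fresh(now):
            return "step_up_required", None          # the password alone is not enough
        codes = [f"{secrets.randbelow(10**8):08d}" for _ in range(CODE_COUNT)]
        self._code_hashes = {self._hash_code(c) for c in codes}   # old set is invalidated
        self._last_step_up = None                                 # one step-up, one sensitive action
        return "ok", codes

    def redeem(self, code: str) -> bool:
        """Consume a backup code at login; each code works exactly once."""
        h = self._hash_code(code)
        if h not in self._code_hashes:
            return False
        self._code_hashes.discard(h)
        return True
```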