Their security model locks users out.

I nearly lost all my passwords with LastPass when something similar happened to me.

Is grandma supposed to file her 128 character recovery code in a safe vault when she just wants to get from the airport?

Stop blaming users for them not adapting to terrible authentication experience.

Most companies offer manual processes to get round failed 2FA - for example, provide copies of ID, a video chat to confirm, security questions about account details (eg last trips you took), etc. I've had to do this for a couple of services where the process was quite onerous, but that's the point.

Doesn't help if you lose the keys and you're the only one that held them. This happened to me with an SSD that I took out of an old laptop, without realising that But locker stored its key on a chip in the laptop. I didn't even know that I had bitlocker enabled.

But Uber shouldn't have your trip details behind end to end encryption, so they should be able to unlock it.

Disconnect the phone number from that old account and allow him to create a new account using the phone number.

If I cancel my phone service, and someone else later ends up with my phone number, does it make sense that that person can never use Uber with their new phone?

Phone numbers are less transitory than street addresses, but much more so than email addresses. You should expect some amount of re-use, and need to be able to handle that situation.

OK, replace "Uber" with your power company. You can't log into your account to update your expired credit card. Are they going to turn off your electricity because you dumb dumb didn't save your backup codes!

No of course not. They're going to help you out. Because we live in the real world where people make mistakes.