They chose the option that did not imply sharing too much information with discord. The fact that it's hard is mainly because it's not discord's preferred option. So no, it's a perfectly valid choice to make and discord is being a pita. Setting up time-based 2FA is simple. Setting up network (!! email !!) based 2FA is stupid and cumbersome.