I'd considered allowing users to provision a additional keys for backup, but only allowing one active key at any given time.
If the active key is lost/destroyed, a self-serve portal allows them to disable their active key at any time. But activating a backup key would require a (different) administrator's approval.
That isn't a good workflow, in case the first administrator is sick or hospitalized and the second administrator needs to access it temporarily and is not in the same city.
Also, I tend to leave Yubikeys permanently plugged into devices (1 per device) and register all the devices I have (4+) with every service. If any device is lost I would just login with another device disable that key. I also don't usually travel with keys unless I'm travelling with a portable device. When I move between two fixed desktops both in secured locations, the two desktops just have permanently-installed keys, I do not carry a key between them as walking around with a key is a liability.
If the active key is lost/destroyed, a self-serve portal allows them to disable their active key at any time. But activating a backup key would require a (different) administrator's approval.