One question: Is it easy to migrate from one service to another?
As far as I experienced it, migration from one app to another is rarely possible. Either the source 2FA app can show the secret in plain text or as QR code or export a backup file in which you can easily find the shared secrets of your 2FA accounts. But digital backup files are risky if you don't know how secure your device is which you usually can't know for certain depending on what internet shit you've already done with your device.
Therefore I developed the habit to make a physical backup on paper of the 2FA shared secret when I setup a new 2FA account. If I can get only a QR code for 2FA setup, I scan it with a designated privacy friendly QR code scan app that I have on my phone which allows me to decode the QR 2FA setup code and doesn't share this with any other app or cloud storage.
I don't make a digital photo of the 2FA setup QR code because usually pictures are uploaded to some cloud. If the QR code is displayed on a computer, printing it safely is another option. I make some effort to not leave any digital traces of 2FA setup codes on online digital devices.
Backup and migration is far from user friendly if you're concerned of security, unfortunately.
Or will it be necessary to do a new registration/configuration for each service that uses 2FA?
If you can't migrate a 2FA account or have no physical backup, that's unfortunately the only option to go for setup on a new device or 2FA app. I'd rather go the route to temporarily disable 2FA if that is possible and re-enable it for setup newly. But you have to be careful not to loose access and having to perform some painful recovery with service desk hell.
