I'm pretty sure you just have to convince a salesperson that you "lost your phone" and get the same number reassigned to a new sim/device. It's the number that's used for SMS based auth, not the sim itself. Social engineering is often a weaker link than hacking or physical theft.

The threat here is they steal you phone number. There is strong evidence that someone can steal your phone number and is willing to sell that as a service for as little as $1,000 (if its t-mobile, other carriers cost more).

Hackers have also offered t-mobile employees as little as $300 to perform sim swaps, and I'd be willing to bet there were some takers near that price point.

https://krebsonsecurity.com/2023/02/hackers-claim-they-breached-t-mobile-more-than-100-times-in-2022/

You do realize you need to physically have someone's sim card to sim swap them right? Not sure how it works now with esims but being simswapped if you have a physical sim card is virtually impossible 

AJ1992

Please, whatever you do end up doing, do not rely on SMS for auth. Sim swappers will be all over it if you do.