I'm glad TOTP exists and is a currently accepted method. Hopefully it will keep being that way.
With that, I find using security keys pretty acceptable and better than plain passwords obviously. The downside is that if you lose the key(s), you're screwed up. Yes, there are ways of recovering access - either wth a set of recovery codes (but you need to keep those away from prying eyes and make sure you don't lose them either, so it's kinda shifting the problem), or other methods, most of which will rely on proving your identity in some way, which (at the moment at least) means usually some lost privacy.
So, TOTP+security keys are cool if you make sure not to lose your keys. Otherwise, you are going to lose privacy and will have to disclose some personal information to get access.
As to github itself, there has been a number of good reasons of moving away from it way before this 2FA thing. So IMO if you had to quit github, it should not be because of 2FA.
I personally use github when I'm forced to (as I'm sure many of us), that is if I have to collaborate on a project that is hosted there, which is relatively commonplace in the professional world these days, even outside of pure software; or to report issues/bugs on open-source projects that are mainly hosted there. Otherwise, outside of these cases, I do not have a single project on github.