It's not that I can't get back into the account - it's just that I can't delete an old 2FA token that I lost. Because it asks for a code from the token that I'm trying to delete...
I see, that's a bug then. For all intents and purposes, backup codes should be equivalent to a 2FA token. So you should be able to use it when removing the old 2FA.