Adding your keys to FreeOTP on a replacement or additional device can be
quite cumbersome. It would require contacting many of the services to set
up new keys, which in turn would require verifying your identity for each
of those services.
To guard against the keys being stolen, the backup could be encrypted with
a key from AGP or OpenKeychain (Android). Thus, backup and restore would
require the key - if possible, FreeOTP could be made to require that the
chosen key have a passphrase.