In order for a flaw in SMS to break someone in, the attacker would need to break both SMS and the traditional authentication channel.

Yes, SMS can be broken. I'm sure Google Authenticator is vulnerable to certain attacks, too. Using them is better than throwing your hands up in the air and saying "it's not perfect, we'd better not implement it because then people will act as if they have perfect security!" Because people are already acting like they have perfect security.

You know this is the same reason people keep using telnet to manage their routers. "To attack the protocol would be like totally hard, and upgrading the routers to use ssh would be a pain in the ass. Telnet isn't perfect but it's better than nothing!"

Yeah, SMS isn't perfect, and yeah, it's better than nothing. But you know what else is better than nothing? Properly implemented TLS from an app or website on the phone. Of course that has holes too, but it's encrypted and (hopefully) authenticated unlike SMS. And it's available in every phone that can do SMS (unless you don't pay for data).

You can do whatever you want. But if you give people a crappy option and a good option, and the crappy option is slightly easier, they'll use the crappy option. But if they want the extra security they'll use the extra click it takes to make the good option work. Most people will just reason that nobody will ever use a keylogger on them and keep using keys with passwords.