Want to do hybrid SAS with PQC and classical? It's basically the exact same protocol, no additional messages.

Worried that you have to exchange a password, so you might as well exchange a key? SAS basically forces you to the main use case of pairing to local devices.

Worried about people choosing bad passwords? SAS is chosen for you.

But are SAS memorable? Just map them to Unicode emojis. One to two will suffice.