Many of the reasons 2FA is added by product managers and engineers is because they are too lazy to actually solve the problem in a way that is empathetic to actual, breathing humans and instead bulldoze through the problem in the least usable method possible, call the problem "solved" and move on to shinier problems.
Just because 2FA "solves" the extremely narrowly defined problem, doesn't mean it is the best solution or even something that people can and will actually use. Upon those metrics alone, 2FA is usually one of the worst "solutions" to the problem.
Just because 2FA "solves" the extremely narrowly defined problem, doesn't mean it is the best solution or even something that people can and will actually use. Upon those metrics alone, 2FA is usually one of the worst "solutions" to the problem.