2fa is two factor authentication. User+password is the first factor, and is a "something you know" check. The second factor is a "something you have" check. Like sending you an SMS code.

They exist so if someone watches over your shoulder while typing your password, they don't gain access to anything.