Two Factor Authentication (2FA), also called Multi Factor Authentication (MFA) is an extra
layer of security that can be applied to many on-line services and application. When this is turned on, a user still enters their user name and password, but after those credentials are entered successfully the system will request additional proof of who you are. This can be done using a physical security key (like Google's Titan Key) that you plug in a USB port, or by using your phone. When using your phone, a random one-time code is sent via text and you must enter that code on-line; or an authenticator app can be used (such as Microsoft Authenticator) that generates random one-time use codes.
Microsoft's Group Program Manager for Identity Security and Protection stated in 2019 that "Based on our studies, your account is more than 99.9% less likely to be compromised if you use MFA". Google has made similar statements.
2FA can be a pain, it's an extra step when you log in, but it is well worth the extra effort due to the fact that it makes it extremely difficult for anyone to log in to your sites, services, and applications. Even if your passwords are compromised, they will need your key or your phone to log in. 2FA is available on many on-line sites and applications like Microsoft, LinkedIn, Google, and many more. I really recommend turning this on for any service that supports it and take the time to set it up and secure your accounts.