Well, yes, and the simple fact is that 2FA
does add to your security, almost however much you try to thwart it.
There are two prime attack vectors used.
The first is the easiest, where people use the same password on all online accounts. Look at
https://haveibeenpwned.com/ - I'll have a shilling that you are there, I know I am. It doesn't bother me as I don't use a single password on all sites. OK, OK, I know I do for all sites that don't matter, and it isn't even a particularly strong one. That's the username password pair they've got. If I appear on here selling viagra at a special price, you will know that hackers are taking advantage of my security failing. Either that or my $Megacorp employer has decided they no longer need my services.
The second is likely the greatest threat, that you are the victim of malware. Either through a compromised website, or spear phishing (where you receive a targeted phishing attack tailored to you, eg an eMail from a mate saying "You won't believe the price of this bike, click here) your activity gets logged and sent to a central server, where they use your credentials to attempt to log in. 2FA stops this, dead.
Sure leaving your computer unlocked in a semi public environment is a risk, but it is minimal. To benefit, the attacker would have to sit in your place, use your computer for a reasonable period of time which is a risk. It is much more likely that anyone bent on harm will simply install a keylogger and we''re back to #2.
Ultimately, if you walk outside your front door leaving it wide open and your valuables on show, you can't really blame the insurance company for the locks they insisted you have failing to work.