Is 2FA really that weak for authentication ? Other than social engineering, I don't see how accounts can get hacked, unless they have the passwords and codes on their phones which get hacked. Its more of a result of poor security management.

3Fa would certainly change things.