Single post in Two-Factor Authentication

It is less secure, but still considerably more secure than not having 2FA enabled at all. I think the point is to have more people enable it. It's an optional security feature, and a lot of people will not enable it because it feels like too big of an inconvenience to enter the code every log-in. People are prone to feeling like things such as getting your account stolen will probably never happen to them, and won't feel the security is worth the inconvenience. It would especially help users who go inactive but now have 2FA enabled. If the inconvenience is not so bad, but the security is still mostly there, so more people use the feature, that sounds like a win to me.