Nowadays, there are many ways to access a partcular account without user's paswords through text scheme, answering surveys and registering in any website that didnt even ask users information ( etc) . Even you have your password backed up, its a must to use 2FA ( two factor autentication) it is a secondary layer of security that protect an account or a system. If there are website who require a users to have 2FA then no doubt there is nothing to worry about of being hack and all for most its a safety protocol. Hacker wont be easy on those who use 2FA. Its a system's personal and unique identification of your information. Better to start creating it for your own good.