Multi-Factor Authentication (MFA) identifies an online user by validating two or more claims presented by the user, from different categories of validation. The theory behind MFA is that the combined factors of validation are stronger than their individual parts. There is no single impenetrable authentication factor.
The humble password is no longer good enough for the world we live in today. If there are no backup checks, once a password has been uncovered, a malicious party can login and do as they please.