It's not possible to add 2FA to MyMonero because of the client-side nature of MyMonero. Doing so would make us custodial, which is something we don't want.
If we added some form of MFA we'd need to be custodial (hold the keys), which we want to avoid. Workarounds, like holding an encrypted version of the keys, are still open to the same non-recovery issues, so then we may as well just not.
The issue is key recovery when someone loses access to their 2FA device. For that we have to store the key unencumbered. That said, we're busy playing around with an idea based on multisig, where the user has one key, their 2FA device has one key, and we have a backup key. If they lose access to their 2FA device we can help them move the funds to a new account, without being custodial of their keys. We also can't steal their funds, since we only have 1 of the 2 keys we'd need.