When you add 2FA to your users' accounts, they will still be safe even if a hacker finds out their passwords.
Accounts will be much safer because it's necessary to confirm something that only the user is in possession, like a security token, ID card or smartphone. The risk of security breach is drastically reduced with the addition of this second protective layer.
How it works
2FA is basically a login where the user goes through two different steps before accessing their accounts. First, they type in their password. Then, they use a one-time passcode send through SMS or Voice to their phones. It basically ascertains the user knows something (password) and own something (their phones).