Re: But it's 2017.
"Why in the world would someone NOT be using 2FA if they were using it for important work???"
I suspect a significant number of people disable 2FA if they are working on a pc they trust.
Where is that "trust" stored? I suspect due to the variety of elements involved it will be some kind of Cookie on the user's pc. If so, does that sound secure?