Two-step authentication is a kind of "poor man's Two factor Authentication" where the second factor is a one time code delivered to you by text message. Whilst considerably better than a password on its own, this is no longer greatly recommended on account of the relative ease by which a determined criminal could get a SIM card registered to your phone number and so get hold of the one time code. These "SIM swap" scams are endemic in some countries.