Generally, 2FA is much more secure, but there are limits.
There are generally 3 types of 2FA information:
1. Something you know – your password, your security question answers, …
2. Something you are – live biometric information (thumbprint, retina, palm) scan (not a photo)
3. Something you have – a dynamically changing token that is matched to you by a sign in authority (your bank, your credit card company, …), a text with a passcode sent via SMS by the previously arranged sign in authority to your phone, an authenticator app code for a previously registered service (the last two are not great, but somewhat better than 1FA).
If your 2FA sign in uses two different instances of those three types, your security is greatly increased. If it relies on two from the same type, such as password and your mother’s maiden name, it isn’t much more secure than a 1FA system.
Your mileage may vary,
don
PS Any secure system can be hacked. Have you ever seen the movie where the bad guy plucked out a good guy’s eyeball or cut off his hand and used it to access a secure area?