2FA For Ente Auth Itself?

I just switched from the Microsoft authenticator I'm because I wanted something open source to pair with Bitwarden. I also wanted to try something different and was also frustrated with being locked into a single app on a single device.

Since I used the Microsoft authenticator, one thing that is new to me is being able to access my 2fa codes on multiple devices and the website. It's really awesome that I can do that, but one thing I am curious about is the protection for the website. It doesn't appear that there is a way to secure logging into the website with anything more than a password and a username. Is this typical of 2fa apps? Am I missing something somewhere that allows me to add security for this? I guess now that I can access everything from every device , I'm wondering how secure it is to have my whole life of codes accessible with just the username and password, when that's the whole thing that needs to be avoided.

Just trying to get educated with the switch. I still haven't even dug into the passkey side of things when it comes to security.