2-factor authentication
When I'm logging into a site that requires 2-factor authentication, the code is sent by Messages to my iPhone, of course, but also to the device, typically my MacBook, that I'm logging in from. Doesn't this defeat the whole point? ie if someone has stolen my Macbook or gained unauthorized access to it (and has somehow found out the log-in password for the particular site) then they will get the code too. Sure, I'll get it on my iPhone and I'll know someone's trying to log into my account, but by the time I can do anything about it it will most likely be too late.
So how is 2FA making me more secure in this scenario (as opposed to if someone got my log-in credentials but didn't have any of my devices)? Is there a way to stop the code from being sent to my MacBook? Or what am I missing?
Thanks
MacBook, OS X 10.10