Apple to require two-factor authentication for developer accounts
In a bid to secure developer accounts from nefarious actors, Apple on Wednesday said all app makers will be required to use the company's two-factor authentication protocol to protect their Apple IDs.

Apple's two-factor authentication system on iOS.
The change, which goes into effect on Feb. 27, is designed to keep developer accounts more secure by ensuring only account owners can access the sensitive information, Apple said in an email.
When the backend implementation goes live, developers who do not already have two-factor authentication enabled will be required to do so when signing in to their Apple Developer account. Enhanced security also applies to developer Certificates, Identifiers & Profiles.
Apple's letter to developers:
Two-factor authentication for developers is identical to the solution rolled out for consumers operating Mac and iOS devices. After activating the feature on macOS or iOS, every Apple ID login attempt on an unregistered device requires both a password and a six-digit code generated by Apple and sent to a trusted iPhone, iPad or Mac. Apple does not require a verification code when accessing Apple ID from a trusted device, though that status will be revoked if a user signs out completely or erases the device.
While not foolproof, two-factor authentication significantly enhances account security, and in doing so reduces the chance of unwarranted access by an outside party.

Apple's two-factor authentication system on iOS.
The change, which goes into effect on Feb. 27, is designed to keep developer accounts more secure by ensuring only account owners can access the sensitive information, Apple said in an email.
When the backend implementation goes live, developers who do not already have two-factor authentication enabled will be required to do so when signing in to their Apple Developer account. Enhanced security also applies to developer Certificates, Identifiers & Profiles.
Apple's letter to developers:
The email includes links to a support page covering two-factor authentication for Apple ID, as well as a contact form directed to Apple Developer Relations.In an effort to keep your account more secure, two-factor authentication will be required to sign in to your Apple Developer account and Certificates, Identifiers & Profiles starting February 27, 2019. This extra layer of security for your Apple ID helps ensure that you're the only person who can access your account. If you haven't already enabled two-factor authentication for your Apple ID, please learn more and update your security settings.
Two-factor authentication for developers is identical to the solution rolled out for consumers operating Mac and iOS devices. After activating the feature on macOS or iOS, every Apple ID login attempt on an unregistered device requires both a password and a six-digit code generated by Apple and sent to a trusted iPhone, iPad or Mac. Apple does not require a verification code when accessing Apple ID from a trusted device, though that status will be revoked if a user signs out completely or erases the device.
While not foolproof, two-factor authentication significantly enhances account security, and in doing so reduces the chance of unwarranted access by an outside party.
Comments
I wish Apple would also support TOTP as well.
EDIT: Maybe I misunderstood slightly. This seems to be about securing the Apple IDs that belong to the designated account owner.... so it's still authenticating an individual, not a company.
(If you have any questions, I invite you look at that thread from just a couple of days ago).
Compare this to Google who require a text message based code.
It works fine for me.
You've confused it with being an OPTION and because of the possibility, rare as it might be, of man-in-the-middle interception it's not the best way even if convenient for a lot of folks.