[VikingCoder]

I use Google Two-Factor authentication. I need my password, and my phone.

If I root your box, and watch you type, I have the password to your password manager, and the password database.

[stygiansonic]

Arguably, if you root someone's box you could install a modified TLS stack that would allow for a MITM attack to capture the 2FA login flow. (But this would be obviously a little more difficult)

[VikingCoder]

I have a friend that this happened to. I unfortunately cannot elaborate.