Phones could allow much higher security if they supported 2 factor authentication. This could be face/fingerprint along with a typed or swiped password. This seems like a simple solution that leverages software that is already implemented. Just make it an added option in addition to the existing ones.
I think the confusion here is that I mean to use 2FA to access my phone, not websites or other hardware.