
First, let's start with what 'two-factor authentication' is. It involves two steps to log in. With one step, you just need your username and password: you enter the info and you're logged in. Two-factor authentication (or two-step authentication) uses more than just your username and password. For example, one of the first two-step authentication methods I came across was with my Discover Card account. You needed your username and a strong password for step one, and after successful completion of this step, you also had to answer one of your 4 security questions correctly. This two-step process is not as strong as two-factor authentication, because both steps are something you know. Two-factor authentication relies on both something you know (your password) and something you have (your phone, dongle, etc.) for a successful login.
Now that you know what two-factor authentication is, we can move on to why it rocks! First, it is more secure than just a password because you have to know the password and additionally have access to a physical object like a phone or a dongle. This makes hacking your accounts much more difficult. One of the first internet companies to introduce this is Google. When you enable two-factor authentication, you log in like normal with your username and strong password, and then enter a code that is sent to your mobile phone as an SMS text message.
If you don't want to use the text message method, Google has a free open-source app called Google Authenticator. It generates a new 6-digit code every 30 seconds. On top of that, it gives individual passwords to each device that you access the account with. This way, if I happen to lose my laptop, I can cancel the password for just that device and close the security vulnerability without updating all my other devices.