Quick question, why do router gateway admin logins not operate with 2FA?

Surely this would stop a lot of unwanted breaches when admins choose unsafe passwords or even keep the manufacturer credentials.