Lots of authentication systems use an SMS code to reset your password, thereby essentially becoming 1FA.

Can you give an example? I don't think I've ever seen that, especially not from a bank!

Banks usually have information they can ask like Social Secuirty Number (which is inevitably in some leak).

eBay is the first one that comes to mind. I know I've run into it a couple of other times where a website will just offer to text you a code, but usually there is a small link you can click that says "use my password instead".

Facebook and Amazon don't have my cell phone number, but I bet they have an option.

I don't usually try to reset my passwords since I use a password manager, so it's probably more common than that.