They just don't know the merits of two factor authentication. That's said, however, as both services allows users to "remember" the sessions for a lengthier period of time, it's still insecure to sign in two those services even with two-factor authentication.
What attack can you make with the "remembered browsers" feature that you couldn't do without it? Stealing someone's computer and password and doing things with that?
