Welcome to the forum!
The response by @BitCommunity is essentially correct.
In essence, the way this works is that your vault contents are stored encrypted on Bitwarden’s servers (in the case of LastPass, the stored passwords were encrypted, but a lot of other sensitive information was stored unencrypted). The login process authenticates you to the cloud servers (i.e., you convince the server that you are you, by using a master password that only you should know, and by proving that you are in possession of a 2nd factor that only you should have); once you pass the authentication test, the server delivers a copy of the encrypted vault data to your device, where the decryption process occurs. Decryption involves using your master password as a decoder to decipher a scrambled encryption key, and then using the encryption key to decrypt the vault contents. Note that the 2FA factor is used only in the authentication process, but it is not used in the vault decryption process that happens on your device.
If an attacker is able to break in to the cloud servers where your vault is stored, or if they are able to break in to one of your devices that have a cached copy of your vault (the copy that was downloaded when you logged in), then they can make a copy of your encrypted vault data (and in the case of LastPass, also your unencrypted vault data). Thus, they would have no need to go through the whole authentication process, the goal of which is to request a copy of the vault data to be delivered to you by the cloud server. Therefore, 2FA is irrelevant to this type of attack scenario — and that is true of any online data that require authentication by password and 2FA to gain access.
Ultimately, the main defense against a breach of your vault is a strong master password. Unless you are a high-value target, a master password with around 50 bits of entropy or more will be sufficiently strong to secure your vault. Note that entropy can be produced only by randomness from unbiased, unpredictable sources (e.g., cryptographically secure pseudorandom number generators, electronic noise, dice throws, or coin tosses — not the human mind, not matter how creative or unconventional you perceive your thought processes to be). You can generate a sufficiently strong master password by using the passphrase option (set Type=Passphrase) in Bitwarden’s Password Generator. If you are sufficiently disciplined to select the first passphrase generated (without touching the “Regenerate” button), then you can reduce the number of words to 4 (e.g., by pressing your keyboard’s ← button once) and pick the first passphrase displayed. Conversely, if you think that you will be tempted to use the “Regenerate” button to weed out passphrases that you don’t like, leave the number of words at 5 (to compensate for the entropy reduction caused by such cherry-picking).
If you have generated a strong master password in this way, then it is virtually uncrackable and you do not have to worry about anybody being able to guess your vault password. The 2FA is primarily protection against a different type of attack — in which the attacker already knows your master password (e.g., by shoulder surfing or by phishing), and therefore doesn’t have to do any brute-force guessing.