A “device” is an installation of a Bitwarden client. There may be multiple devices on the same machine, eg. browser extensions in multiple browsers, desktop app, etc. Each of these has a unique device identifier that it communicates to the server. If the server recognizes the identifier and it is associated to the user logging in, the device is “known”.
Use-cases like yours, where incognito tabs are used, destroy the client-side device identifier when the session ends, thus each incognito window is a new device.
Users who have 2FA enabled are exempt from the entire new device verification feature and can expect no changes to the way login works for them.