Maybe your browser is configured to delete cache and cookies upon exit. One of the cookies would be .ROBLOSECURITY with a sepecial hash to determine user session. With the same password and at least one active session, it remains persistent.
Support actually messgaed me today, and they told me some random stuff about 2 step that I could find on their website
However, I read between the lines and found this
“Additionally, the email address receiving the code will be the one that is currently verified to your account so make sure your email is verified on your account.”
Translated as: If your email isnt verified, you aint getting no 2 step stuff.
Fix: I changed my email to another email, then changed it back so it was unverified
I’m glad you could solve the issue. However, I have to warn you about the security risk with unverified emails. Somebody could simply get their hand on your password and hijack your account. The 2FA window normally comes with a tick box to trust that particular device for one month, which is a much better alternative. If the 2FA still apears after that, then it’s almost certainly the cookie getting wiped. Have you tried different browsers?
To protect the account it’s a modern standard to have some sort of verification. I have 2FA via Google Authenticator or Authy on the phone connected on all my main accounts.