Some people have Airbnb apps, and are logged onto Airbnb on their phone or Ipad. If phones or IPads are stolen and apps are accessed before the timeout period, unauthorized access could be granted.
You could also be someone with credentials to log in, but not be entitled to this kind of private access. Ex-spouses and other family members who know what passwords you are likely to use may fall under this category.
This extra level of validation is in place to protect you as well as Airbnb. If Airbnb wants to do a double-check on verification, it does not mean that the platform is insecure. For instance, 2-level authentication with your bank is another example of this. Does the fact that your bank may require you to confirm your identity by verifying by phone, as well as with a password, mean that your bank is insecure?
I’m from the US, where the above authentication mechanisms apply. If I’m not understanding some extra level of authentication applicable in your region, then please disregard.