> Recently I've started getting really annoyed by them
In the end, the services that are using captchas are the services that become the least liked, and users will start migrating to other services that don't use captchas, so there's a business penalty for using them.
On the other hand, if you want to filter out bad actors, then captchas are the way to go. The reason I recommended hCaptcha is because they're easier to solve, and sometimes Google's reCaptcha offering is so complex and hard-to-solve that it starts inducing carpal tunnel / RSI symptoms (at least for me). I don't get so easily fatigued & inflamed with hCaptcha though.
When you log in with a password server gives you a cookie/token so you stay logged in. It can be invalidated if your IP changes, it expires or something like that. But if you're logged in with 2FA those rules can be relaxed, it's a simple as that if you ask me. Implementation dependent of course.
I don't think those sites show you a captcha before you enter your login and password, but rather on submit. So for that username you don't show them a captcha at all, if they don't have a proper cookie you ask for 2FA.
In the end, the services that are using captchas are the services that become the least liked, and users will start migrating to other services that don't use captchas, so there's a business penalty for using them.
On the other hand, if you want to filter out bad actors, then captchas are the way to go. The reason I recommended hCaptcha is because they're easier to solve, and sometimes Google's reCaptcha offering is so complex and hard-to-solve that it starts inducing carpal tunnel / RSI symptoms (at least for me). I don't get so easily fatigued & inflamed with hCaptcha though.