Drop the password requirement. Use fingerprints + face. Very hard to lose these, but not impossible. Note, this solution is 1.5FA, but would solve the issue at hand. (pun alert)
Very easy to lose the features of those that tracking systems identify, however. Scar tissue makes most fingerprint systems fail over the smallest of changes, and facial scarring is also, unfortunately, not an uncommon issue among the homeless.
Ignoring the issue of device accessibility - which is the crux of the 2FA problem.
This assumes they have a device that can read fingerprints/face. I'm going to homeless folks are also more likely to be on library computers, old phones, etc. and not have access to biometric sensors.
