You log into LastPass with your master password on your computer (or other device) and your website passwords are downloaded to your computer or device. When you go to a website, LastPass will auto-fill the username and PW for that site. If you have 2FA setup for a particular website, you will then still get that push to complete the login from that website.
If you are on a forum, like this one, and choose to remain logged in, then LastPass won't need to log you in again. It's only when you log out of LastPass that you need to enter your master password again.
If I understand this correctly, then anybody who gets physical access to my computer can access all my critical web sites because LastPass fills in everything in. That doesn't sound good at all.
But if I turn off auto-fill, then what? I have to use my long master password every time I want to log back in to my bank?