This may seem like a stupid question, but I'll ask it anyway.
When I count, I see the username and password as two factors. The factors, as I understand it, should be a combination of something you have (CAC, ATM card), know (username, password), and are (retina scan, fingerprint, voice pattern). Using that definition, username and password are two factors. It's quite possible to have a single factor, i.e. password only to log in on a device. A smart phone is a perfect example. You have your PIN, but no user name. On your computer, typically you have to put in your username (first factor) and your password (second factor). Adding a biometric like thumbprint, voice, retina, etc. would be an additional factor, making it three factor authentication.
Maybe I'm just being thick, or have completely misunderstood what's going on here with the naming, but this seems like they're looking at three factor authentication. Since initially writing this, after hitting the preview button, I've looked at the wikipedia page on 2FA/MFA/TFA and find the moniker to still be incorrect in this application.
Am I thinking too hard about this? Is it really simpler than I think it is? (Please be kind in your application of the clue bat.)