The article is not about multiple factor authentication.

It’s about single factor, password logins, using a one-time-token