"Two" is a magic number that conflates the concept with implementation. Two-factor authentication is not useful because of 2, it's useful because of >1. "Multi-factor" lets us generalize to 0 factors (anonymous), 1 factor (weakly authenticated), and many factors (strongly authenticated).