I tried it and it seems to work well enough. It supports various authenticators (I used the Google Authenticator app on my iPhone, since I'm already using it for Gmail).
I hope they realize this isn't going to make their password digests any harder to crack. Last I heard, the only measure they actually took was to add some salt to a single round of SHA-256.