Two-factor authentication is based on something you know (mainframe account/password), and something you have (the authentication token). Both components are used together to authenticate a login request. This delivers a higher level of authentication assurance than reusable passwords alone. Each component (account/password or token) is useless without the other. If your password is compromised without your knowledge, it could not be used on those facilities requiring second-factor authentication.