I would argue that a 1FA unguessable password used once is just as good. Certainly better than the case where the provider offers account resets using just SMS thus having effectively 1FA SMS.