I imagine Mat Honan's tale of hacking woe has a lot of geeks struggling to explain two-factor authentication to their less geeky friends and family members. The good news is that people routinely use two-factor authentication without even realizing it.
Here's a quick way to explain two-factor authentication to normal folks (if you're looking for a tutorial on how to set up two-factor auth for your Google account, read Lex Friedman's article):
Something you know, and something you have. That's what two-factor authentication is all about. You're used to logging into a website with a username and password, which both fall into the "something you know" category. To add an additional "factor," or way to prove you are who you say you are, two-factor auth requires that you have something in particular: a dongle, a smart card, a fingerprint, or your phone.
If this sounds familiar to you, it should. You use two-factor auth whenever you withdraw money from an ATM. You can't just walk up to an ATM and get money by only swiping your card (something you have) or only entering your PIN (something you know); you have to use both to gain access to your account. The same theory applies to websites that offer two-factor authentication for logging in.
Photo of a lonely ATM by ianbart.