I'm guessing they just wanted to get this out the door quickly.
You get app specific passwords, but they're only good for an hour. By then, your app should have a token that is good indefinitely (and you can revoke from their apps list).
How much more time would it have really taken them to get TOTP out the door? I mean, a toy implementation only takes a few minutes... I get that the scale is completely different and they would need to audit all of their systems, but how long have they been working on this already? I can't imagine they only got the idea that maybe 2FA is a good idea last month. They probably have spent months on this already; had they wanted it from the beginning, would TOTP have really delayed anything?
You get app specific passwords, but they're only good for an hour. By then, your app should have a token that is good indefinitely (and you can revoke from their apps list).