Did you read the blog post?

The first paragraph concludes with:

> We have also released two factor authentication and we strongly encourage all users to enable this security feature.

Also, the title of the post is:

> March 2015 Security Incident and the Launch of Two Factor Authentication

They are not pending 2FA anymore.

I just enabled it with Google Authenticator. And tried using on my phone. Didn't seem to work. May be they are getting DDoS right now due to the announcement.