If it's long and random enough to be very hard to remember, then it's MFA, in my opinion. A private key (e.g. the one used for TOTP) is nothing more than a quantity of random bits (with specific properties, grant you). I'll give you that the output is certainly reusable for a statically stored key, but you're still adding a second factor that, barring some alternate attack like keylogging, still adds security beyond a password.