Hoo Boy, a "comical" error leads to MySQL not verifying passwords and allowing access? Yes you read it correct.
It is predicted that well over 900,000, that's Nine Hundred Thousand databases/servers may be susceptible to a little password verification error.
Read the article here: tragically-comedic-flaw-gives-anyone-root-access-900000-internet-servers
The term "token" can be used as a reference to a memento of an event. Dictionary.com states it as 
a memento; souvenir; keepsake: The seashell was a token of their trip.
In the world of Computers and especially the Internet, a "Token" is a representation of some sort of authority. Just, look at what Dictionary.com says also in explanation 4 and 5:
4. something used to indicate authenticity, authority, etc.; emblem; badge: Judicial robes are a token of office.
5.Also called token coin . a stamped piece of metal, issued as a limited medium of exchange, as for bus fares, at a nominal value much greater than its commodity value.
I think, someone mixed up their terminology on this issue and turned the token reference for MySQL authentication in to a memento of a breach. Guys, keep the reference of a token for authentication correct here, will ya? There's a LOT of people who use MySQL for business and pleasure who rely on the token for authentication purposes! Can't believe this one slipped through the cracks.
If and when they post a fix, I strongly suggest you update your databases!
Stay safe people!