Would it even really matter if you had 2FA? Cause if you're using 2FA wouldn't you likely have the login auth sent to your email anyway? Thus if they have access to e-mail they can get the auth then.
Then again if you are using a site/email that is this important your password needs to be pretty much un-bruteforceable, not just "smokeweed555" but rather like "diu@E3O-)SvV1!n^mk#9iPz$"
*shrug*
I bought some shares of Altswap a while back thinking it showed promise but watching the launch deadline come and go a month ago does not bode well, glad it wasn't much.
But, as a project co-owner on cryptostocks, I can say this doesnt help people feel safe about using the exchange :/