It isn't. For reference, true two factor authentication means having any two of the following factors:

* What you know (usernames and passwords)
* What you have (mobile phone, security tokens)
* What you are (fingerprints, iris/retina patterns, etc)

Email access is always the first factor only, unless you email account itself uses 2FA. This is bad because the first factor is what is compromised by keyloggers (which is the whole reason for using 2FA in the first place). If you have a keylogger, your email is almost certainly compromised, and is thus useless as a form of authentication.