Welcome to the Auth0 Community!
Thank you for posting your question. You can’t have only Email MFA as is not true MFA because it does not represent a different factor than the password. It does not represent something I have or something I am , but rather just something I know (the email password). It is also weaker than other factors in that it’s only as secure as the email itself (for example, encrypted end-to-end).
Thanks
Dawid