Email isn’t typically going to work as a second factor in addition to a password if that is what you are thinking.
Since passwords are reset via email, password and email magic link would boil down to a single factor. For example, a bad actor with access to a user’s email account could reset the password via email and click the magic link, all in one go. They would not need more than the user’s email account, which may be protected via a single weak or compromised password anyway.
Check out this line from our email MFA docs:
Note that Email is not true multi-factor authentication (MFA) as it does not represent a different factor than the password. It does not represent ‘something I have’ or ‘something I am’, but rather just another ‘something I know’ (the email password). It is also weaker than other factors, in that it’s only as secure as the email itself (e.g. is it encrypted end-to-end?).
If you are looking for security, authenticator apps are a good solution.
If you talk a little bit more about your setup and concerns, we can try and work through a solution that works for you.
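The reasoning in the reply above can be checked mechanically for any factor combination. The following is an added example, not part of the original post or of any vendor's code: it models each login factor by the underlying assets that yield it and computes the smallest set of assets whose loss satisfies every required factor. The asset and factor names are constructed assumptions.

```python
from itertools import combinations

# Constructed model (assumption): each login factor lists the alternative
# sets of underlying assets that are sufficient to produce it.
FACTOR_SOURCES = {
    # A password is either known directly or reset through the mailbox.
    "password": [{"password_knowledge"}, {"email_inbox"}],
    # A magic link is delivered to the mailbox.
    "email_magic_link": [{"email_inbox"}],
    # An authenticator-app code needs the enrolled device.
    "totp_app": [{"phone_device"}],
}


def satisfiable(factor, owned_assets):
    """True if the owned assets cover at least one source of the factor."""
    return any(source <= owned_assets for source in FACTOR_SOURCES[factor])


def min_compromise_sets(required_factors):
    """Return every smallest asset set that satisfies all required factors."""
    assets = sorted(
        set().union(*(s for f in required_factors for s in FACTOR_SOURCES[f]))
    )
    for size in range(1, len(assets) + 1):
        hits = [
            set(combo)
            for combo in combinations(assets, size)
            if all(satisfiable(f, set(combo)) for f in required_factors)
        ]
        if hits:
            return hits
    return []


def effective_factor_count(required_factors):
    """Number of independent assets that must be lost before login falls."""
    sets = min_compromise_sets(required_factors)
    return len(sets[0]) if sets else 0


if __name__ == "__main__":
    for combo in (["password", "email_magic_link"], ["password", "totp_app"]):
        print(combo, effective_factor_count(combo), min_compromise_sets(combo))
```

A result of 1 for a two-step login means the steps share a single point of failure; adding the account's real recovery paths to `FACTOR_SOURCES` is what exposes that.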