Its bad because 85% of the usecase of 2fa is people using bad passwords. If you use a bad password in one place, you probably are also doing so on your email.