The first example is still 1 factor just replacing password with a less secure authentication. That’s not normal for a company to do. The email code is a second factor if it’s in addition to the password.

What really gets me is SMS as the second factor. As if we don’t change numbers, use different SIMs in different countries etc. Amount of accounts I’m too lazy to go through manual unlocking since I changed my number. Just loss of business for them too. Poor IT decision costing the company real revenue. And SMS isn’t even secure.