The client that you are using to connect to the mail box must support 2-factor authentication; this mean that it must somehow present you the UI for the second factor.

Obviously this is not possible for an email account that you use in the context of an application. If  the account that you use with an EmailListener would require 2-factor authentication, the second factor (that is usually dynamic) is requested each time the agent would start to retrieve emails and an admin has to pick his mobile, get the text message with the second factor, run to the server machine, connect keyboard and screen, type in the factor ... all before the grace period expires. This every 5 minutes (per node and listener), 24 hours a day, 7 days a week, the whole year on.

Therefore 2FA is not feasible for technical accounts, at least it cannot be implemented that easily, and it would require a special type/media for the second factor, as this has to be sent to the application in a secure way. Text messages or the usual tokens do not work, for obvious reasons.

The usual recommendation for technical accounts is to use really long passwords that are completely random. As no human has to type them, that's normally not a problem - only when some unauthorised staff get access to the location where it is stored.

But the whole thing may change in future ...

Below link might be helpful.

https://www.laptopmag.com/articles/set-up-gmail-2-factor-for-outlook