You won't lock yourself out. I just did a quick test and if you reset your password (via an email link) then you are automatically logged in. At this point you can even disable 2FA. So 2FA is protecting against logging in with a stolen password, but it's not protecting against logging in if you have access to the account's email account.
Whether or not that's the intended behaviour is another question...
Edit: There's a ticket already opened for that
https://github.com/pypa/warehouse/issues/5800