These are more about giving maintainers the ability to require 2FA for their projects collaborators, not PyPI itself requiring some subset of projects to use 2FA, like npm is doing.
I also don’t think the latter is something that we’re currently able to do: not for some technical reason, but because PyPI does not currently have a large support staff like npm/GitHub/Microsoft does. Account recovery requests due to lost 2FA are already a huge drain on staff/volunteer resources due to how time-consuming they are and their sensitive nature. A 2FA mandate at this time, without having support staff, would likely eventually result in an overwhelming backlog of requests.