That's the thing. I've worked professionally in the past with various helpdesk systems, with intranet/extranet tools, financial infrastructure systems as part of my former career in financial services - and of all the web based tools I used, even those where multiple firms had login details to the one system (think credit reporting systems), even those did not have email address, but username, logins.
In fact, of all the services I have used and continue to currently use that have the 'professional' mentality attached, more of the services I use do not use my email address as my primary login, though all of them have my email address, so I'd argue that's probably not a great case to make either in the name of using emails for 'professionalism'.
There IS a case that can be made for using email authentication. It's really not a great case, especially if you change email addresses, make a typo and then you're really locked out of your account. (Yes, you can be locked out of your account otherwise for the same reason, but realistically you have a better chance of getting it fixed if you have a username attached to it that you're normally using.)
I should point out that this debate has already been had, once on sm.org, once here before. The fact remains that people will continue to be insecure in spite of any measures you place making them more secure, and if someone can type in a username instead of an email address, they invariably will, because it's easier.
Case study: I used to work at a corporation that had a 30 day expiration policy on passwords. Each password had to be a minimum of 8 characters, use no dictionary words, must include upper and lower case plus at least 2 characters that were either digits or symbols. Oh, and not reusing any of the last 3 passwords.
This was for financially sensitive systems, whereupon you would regularly have people phoning up IT to change their passwords because they couldn't remember them. Unless they wrote them down on post-it notes on their monitor. This sounds like an urban legend but I saw it happen every single day.
The consequence is that the more you do to make it more secure, the harder it is for users to use: complex passwords that change regularly mean users try to find easier passwords to remember, bearing in mind the potentially short term therein.
The moral of the story is that users will use what is easiest, not what is theoretically best. That's why people still use 'password' as their password, because it's easiest for them to remember.