It would be great to have the option to add a secondary MFA option outside of Azure. With NinjaRMM this feature exists and helps add an additional level of security to have an out of band option such as a OTP/Security Key. If a techs machine was compromised it might not require MFA or if a bad actor registered their own MFA the instance would be compromised.