You shouldn't force the end users to use a "Multifactor authentication" that is not completed. I need to be able to change the e-mail for the recovery of to use a MFA. Also, I should be able to setup a phone number for the MFA which it might not be t...
