It would be great from a data security point of view to be able to enforce 2fa for all logins. Preferably google authenticator compatible ones.