I think that this is an unacceptable response. Requiring 2FA is a simple request to SAAS providers.
I feel like if Intuit is telling me to establish and enforce my own security protocols for using their software, they should also be telling me to hire my own accounting team.
I think that an appropriate response would be: the option for administrators to require 2FA for all users is on our road map. We will monitor user interest to help prioritize the effort required to develop this feature.
