Allow end users to manage MFA settings
Currently, only an admin can enable/ disable MFA (2-step) authentication for end users. If we enable this for a user, it forces them to set it up. If we disable, well, it is disabled. I would like for end users to be able to set this up on their own time. For instance, firstname.lastname@example.org can log in and set this up if they would like to use MFA.
Dros M commented
This should be something that end users can enable on their own without involvement from an Admin. Having end users with the ability to turn on themselves would likely see a greater uptake of this additional security.