As of now, for built-in Portal named user accounts, multi-factor authentication is all or nothing meaning that MFA applies to ALL accounts on Portal.
My idea is to allow us to create MFA "groups" that allow us to enforce MFA for certain individuals or members of a specific role, but not for everyone in Portal.
For example, security best practices state that administrator accounts should have more stringent security policies, such as requiring MFA. My idea would satisfy this requirement to enforce MFA for administrator accounts, without requiring every account on Portal to have MFA.
