tbh this might be a good thing (not talking about amazon)

• as it normalizes MFA/2FA/TOTP
  • which would help increase adoption
    • and therefore it would increase users’ security hygiene

It says in the article that this won’t apply to org member accounts yet, but I wonder how it’ll work eventually. Member accounts created via account factory don’t even have a password, so you have to go through email account recovery to set one and then set up MFA. If this only applies to root users with passwords, that’s fine, otherwise I hope account factory will get a way to set up PW/MFA on a generated root user.