Very simple feature that we need urgently:
If an account is using Basic Authentication, there is a toggle (off by default) where 2FA can be enabled.
Doesn't even have to be phone/sms (the more options the better of course), but just simple OTP authenticator app support (like Microsoft Authenticator etc.)
Reasoning:
Basic authentication is not secure, and with some of our users it's the only way, which goes against policy.