I would really like to see hardware based 2FA as an option as well as authentication apps. I'm specifically thinking of Yubikey because it's just so easy and secure.
All my staff use YubiKey but I have a handful of customers who even know what it is. I'd prefer to see the auditing of 2fa strengthened first (easily seeing which employee and customer have it enabled, force enabling for certain accounts or roles).
