Better two-factor authentication
The MFA should use something like Microsoft Authenticator or even SMS(text) for it's second factor. Receiving an email as a second factor isn't as secure because if a computer has been been compromised, chances are the user's email has been compro...