This would make conversations with clients, when discussing using Windsor as a connector much smoother from the security side of things.
2fa is in place when logging in via email/pw. what is missing?