In your other SolarWinds products, multi-factor authentication (MFA) is superseded by single sign-on (SSO) since all identity providers already have some form of MFA in place.
However, in Pingdom (SolarWinds Cloud), MFA operates independently from the SAML SSO authentication. This means users must first authenticate with their identity provider (IdP) and then enter a second time-based token. If you choose not to enable MFA, the important owner accounts will only be secured by a single password, as they can access the system without SSO.
I would like to see more granular control over MFA, including an option to exclude SSO-only accounts from MFA requirements. Additionally, it would be beneficial to have a "Service Accounts" tab similar to the one in the SAML configuration, allowing users to be excluded from MFA when it is enabled.
