Ability to see which accounts do not have 2FA enabled in an organization

Problem Definition

• Ability to see which users do not have 2FA enabled in an organization
• An organization could be forcing all of their managed accounts to use SSO but they may have external accounts accessing their products that they cannot manage, and it would be helpful to know which of these accounts are not using 2FA

Why this is important

The customer wants to audit and inform users to enable 2FA if excluded in an organization

Workaround

This data is viewable in the Managed accounts export (does not work for external accounts)

Potential Solutions:

• The Insights page under Security->Insights has a section at the bottom that details Two-step verification coverage. 
  It shows the number of accounts using/not using each security type. For example it shows how many accounts Log in without two-step verification. However, it only shows the number of accounts and doesn't show who those accounts actually are.
• Make 2FA status available in account profile page
• Add filter to managed accounts page
• Allow a way to export external accounts not using 2FA