As an extra layer of security, we have given system administrators the ability to force backend console users to set up an app-based 2FA for logging into the system. When this setting is enabled, users cannot access the system without setting up 2FA on an authenticator app.
Here is a link to a help article on how to enabled Enforced two-factor authentication