[Defender Pro] Forced 2FA needs to be cleaner

We have started implementing Two Factory Authenitcation using Defender Pro on all of our websites. I keep getting calls from people saying they can’t go anywhere other than their profile. This is because they have not enabled 2FA. I think a better way to do this might be to have a big red box at the top of the profile page telling them they need to activate 2FA to continue with a link down to the activating section. Another option would be to allow an admin to set how many times they can login before 2FA activates and have a message in the users dashboard telling them they need to activate the feature. It seems even telling people in advance doesn’t help them. Thanks.