How is user access to the system controlled? Do we provide support for any two-factor authentication mechanisms?

Azure AD, 2FA is down to the domain administration as it is SSO.

How is user access to the system controlled? Do we provide support for any two-factor authentication mechanisms?