We are using DUO MFA for all our servers in the SMB Solutions Cloud and for all our MSP customers using Office365 we have enforced MFA for them as well.
The biggest challenge is getting people over the frustration of an additional step when signing in but as we always explain, better the extra step to prevent being hacked than the pain of recovering from a hack.
Are there any other 2FA solutions that others are using with their SAP Business One deployments that you can share your experience with?