3.5.7 further discussion in the assessment guide. please see the highlighted portion in the image. does it mean that the 3.5.7 requirements only apply if that user account does not have MFA ?
Guide - Two-Factor Authentication: Methods and Myths
ForgeRock Access Management 7.0.2 > OAuth 2.0 Guide > Authenticating Clients Using JWT Profiles
Google Authentication
Authenticator Management
Two-factor authentication explained: How to choose the right level of security for every account
Two-factor authentication for Apple ID - Apple Support (CA)
Types of two-factor authentication, pros and cons: SMS, authenticator apps, YubiKey
Enrolling and using both Microsoft Authenticator and a YubiKey Physical Token with Azure MFA – Kloud Blog
MFA for LDAP - Rublon
MFA Steps_PPT screen_Nov17v4 - ITS
Web Authentication: An API for accessing Public Key Credentials - Level 2
How To Set Up Google Authenticator For Call Of Duty
Types of two-factor authentication, pros and cons: SMS, authenticator apps, YubiKey