[JshWright]

No, but it's increasingly becoming the expectation that 2FA should be available.

Going from no 2FA to some 2FA is a more likely transition than going from bad 2FA to good 2FA (since bad 2FA still checks the 2FA box).