@joshua I believe one reason MFA cannot be supported for non-migrated users is that their details are overwritten with every login.
However, if the source application could retain these details and transmit them through a connector, could it be possible to support MFA?