we have a lot of accounts that require totp (timebased-One-Time-Passwords) that you normaly activate in your personal google or azure authenticator. If we could request a totp code from passwork we could still allow secure access to the site but keep a good view on who's using it. And as a bonus, if you remove a user its access. the access will be instantly blocked, even if they saved the password. code example in https://totp.danhersam.com/