Add option for admin-mode 2FA
Proposal
When Admin Mode is enabled, it would be useful to have a configuration option to require 2FA for admins only when entering Admin Mode, versus having to use it every single time. We want 2FA for our admins, but it's rather cumbersome for their logins when using ephemeral VDI deployments for non-admin activities. They use the VDI several times per day, and normally authenticate via Kerberos, so it's seamless.