QR Codes should require 2FA/MFA Validation
I know this was posted about 2 years ago, but I feel this needs to be brought up again. QR codes currently circumvent the 2FA/MFA settings. There is currently a bit of malware going around that will auto scan and accept the QR code login if you end up falling for it and running it. If the system had prompted them for the 2FA/MFA challenge they wouldn't have been able to compromise any accounts that had the security feature enabled, but as it stands now they are able to completely bypass that security feature.
Another option I would like to echo from 2 years ago is the ability to disable QR logins for an account. This would give users who are paranoid (such as myself) an added layer of security in the future.