Making MFA required for all users, instead of allowing them to opt in to use, would be safer for all of us. It is great that those of us that want to protect our accounts can do so by choosing MFA. But if it were required of everyone it might help reduce stolen accounts and the unfortunate messages sent in groups with phishing links.