Idp is enabled with Okta and also with SAML SSO The SSO login to ZIA is done via Okta.
The same admin account can login directly from ZIA portal using single factor authentication. If someone brute-force the password, they can bypass and login to the portal without okta. Is there an MFA option or a way to disable single factor login?