We are currently implementing MFA for all production and non-production environments in Sprintr.
Currently, MFA can only be implemented for Sprintr environments that are marked as a production environment. In order to mark an existing environment as production, you basicaly need to ask Mendix Support to create a new production environment and copy the database, settings, constants, etc. to this new environment. Afterwards you can request Mendix to remove the old environment.
Not only is this proces time consuming for both us and Mendix support, it is also very sensitive to errors. Since we have hundreds of environments, this would be a huge operation.
I would suggest to include MFA in de login flow when someone logs in to Sprintr. In this case you don't have to configure MFA per environment.