Integrate Azure MFA with the Windows login process, maybe through Windows Hello for Business.
From what I can see it's not currently possible to integrate Azure MFA into the Windows domain login process as a second factor. For example, if a user was to authenticate to the local AD first and then be required to use Azure MFA to add a second factor, using the Microsoft Authenticator app. This would remove the need for third party smartcards or hardware tokens.
David Russell commented
+ 1 billion. I would also like to see support for Linux SSH and Mac OS logins.