This is probably stating the obvious, but keep in that there is nothing you can do to prevent your users from sharing credentials, even with MFA enabled. Even if a feature is added to prevent multiple concurrent sessions, multiple people can still use the same creds in serial. This is a behavioural problem that is solved with contracts.