Once OTRS 5 is deployed (T74109), we should consider enabling optional two-factor authentication for OTRS agents (2FA, see the release notes for OTRS 5 Beta 2, What’s New, section 3). It does not seem to be difficult to enable it, and it would allow agents who are familiar with 2FA to increase the security of their accounts.
The background for this request is that the WMF Security Team will be working on two-factor authentication for Wikimedia projects in the next quarter (cf. their schedule on meta). OTRS access should be protected with reasonable security mechanisms too.