Your comments

We're looking to use 2FA as well and this is holding us back from implementing until we can find another way to store this information. The description field in AD makes no sense as a place to store this information. Can someone look at this request again to see if this can be changed or at lease offer an explanation as to why it cannot?