Your comments

This was a great tool for speeding up workflow; I triggered this with a keyboard shortcut via AHK and would just type the name of the machine I needed to connect to. Because it now requires you to reauthenticate via 2FA while instantiating every connection, it's become useless for the purpose of accelerating workflow.

My suggestion is to add a single-use token generation/revocation system under the Admin>Security tab for the purpose of authenticating first and third party apps with this type of functionality. This allows auditing of connections on a per-client basis in addition to per-user, and shifts the attack surface from a passphrase to something ephemeral, which should hopefully address any security concerns the dev team has about this.