The best solution would be to add support for multifactor in Flask-Multipass, and then make the necessary changes on the Indico side for this to work.
It will need quite a bit of thinking how to best implement it though, since unlike with logging in there need to be many more interactions with the application itself (ie Indico), and it needs to provide some UI for things like MFA setup/reset etc., and it’s up to the application to store the data (OTP secret, whatever is stored for webauthn, scratch/recovery keys).