The new security requirements for you as a CSP indirect resellers are to be implemented to access to Partner Center only, so this means your customers are not required to have multi-factor authentication. While it is recommended because of increased security it is not required for customer.