This step needs to be carried out by the administrator of your DualShield MFA server.
Sign in to the admin console of your DualShield MFA server.
Modify an existing Computer Logon Client policy or create a new one
In the "General" section, enable the option "Enforce MFA at Logon, Unlock & UAC in local computer logins"
Optionally, you might also want to enable the option "Enforce MFA at Logn, Unlock & UAC in local computer logins" in the "Offline" section.