Currently, all admins bypass SSO completely, which is a security gap since those sensitive accounts are the ones we need to be secured the most. I understand the use case for having a breakglass account, but making all admins bypass it with no way to enforce it defeats the purpose of having SSO enabled to begin with.