It would be done by the authentication system we are pointing EZproxy to for account validation. Normally this is done with a SAML authentication method Like Microsoft Entra ID (Azure) and it handles the multi-factor authentication portion before sending the authorization to EZproxy.
EZproxy does not have a way to natively handle Multi-Factor authentication for methods that present the EZproxy login page.