Multi factor auth with SMS and AD/LDAP

I feel like you are trying to over-engineer this. Whatever your authentication source is, it should have brute-force counter-measures configured for it. AD and PrivacyIDEA have these baked into them.

MFA essentially allows you to post username/passwords in public and still have a secure application. The only way to gain access at that point is A. gain access to the user’s authentication token or B. brute force the OTP. Brute forcing a 6 digit token, like Google Authenticator provides, is literally a 1 in a million shot. If you configure token lockout at 10 fails, the attacker has 30 seconds to make a 1/10 guess. The likelihood is incredibly small.

Stepping back into the real world, username/password combos aren’t as easy as being publicly posted for all to see (though we know users reuse passwords and other sites are breached regularly). So MFA allows you to add a layer of security in the event that A. User gets phished (assume they will) or B. User reused a password from a breached site. If either A. or B. occur, your site is still secure. In addition, if someone attempts to brute force and a token lockout occurs, an administrator should have a mechanism configured to alert the user or an administrator of the token lockout. At this point, the user is notified and should be directed to change their password.
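As an added illustration of the token-lockout and alerting behaviour the reply describes (not code from the thread or from PrivacyIDEA): an RFC 6238 TOTP check of the kind Google Authenticator produces, wrapped in a per-user lockout that rejects further codes and fires an alert once the failure threshold is hit. The secret, the user name and the alert callback are constructed for the example.

```python
import hmac
import hashlib
import struct
import time

SECRET = b"constructed-demo-secret"  # constructed; real secrets come from enrolment


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 (the scheme Google Authenticator uses)."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class OtpVerifier:
    """Verifies OTPs, locks a user's token after max_failures, and alerts on lockout."""

    def __init__(self, secret: bytes, max_failures: int = 10, alert=None):
        self.secret = secret
        self.max_failures = max_failures
        self.alert = alert or (lambda user: None)  # hook: notify user/admin
        self.failures = {}   # per-user consecutive failure count
        self.locked = set()  # users whose token is locked out

    def verify(self, user: str, code: str, now=None) -> bool:
        if user in self.locked:
            return False  # locked token: reject even a correct code
        now = int(time.time()) if now is None else now
        expected = totp(self.secret, now)
        if hmac.compare_digest(expected, code):  # constant-time compare
            self.failures[user] = 0
            return True
        self.failures[user] = self.failures.get(user, 0) + 1
        if self.failures[user] >= self.max_failures:
            self.locked.add(user)
            self.alert(user)  # the user should now be told to change their password
        return False


def brute_force_success_probability(max_failures: int, digits: int = 6) -> float:
    """Upper bound on guessing the current code before lockout triggers."""
    return max_failures / 10 ** digits
```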