All current implementations of 2FA are extremely centralized.
You'd basically have to pick another account you trust to give you permission to insta-powerdown.
Basically some kind of implementation of Multi-Sig.
Again, the logistics are such that we'd need to let users opt out of this as well.
As many users wouldn't want to allow another account to tell them if they can power down or not.