I've brought up the need for 2FA as well. I see the Parity Ethereum wallet has an option for it, so I know it can be done on the blockchain, but it might get tricky. We already have issues with people getting locked out of their accounts. It might be much worse if they lock themselves out by doing 2FA incorrectly and loosing access to their google authenticator, email address, or phone number. Google provides recovery keys, but Parity had an issue with brain wallet recover phrases as well, so if not done right it could actually have the opposite of the intended effect and make things even less secure.

It's complicated stuff. I love how you jump into these topics head first and pound on them until you can create a great piece explaining them simply for everyone. Keep on rocking it.