This is a great idea! I was also thinking why not have a 2FA when you login? Only thing I can think of is that too many people use the site too much and it'd be annoying having to do that 4-5 times per day? Thanks for the research!