Scalable compute services.
Simple object storage.
Run managed Kubernetes clusters.
Tools & Integrations
Automate your infrastructure.
Deploy pre-built applications.
Connect, share and learn
DevOps and development guides
Questions & Answers
Development and systems Q&A
by Justin Ellingwood
Right now you can disable 2FA on an account with a single click.
Any & all significant account changing functions like this should always reconfirm the user by requesting their account password.
This is a no-brainer and it is disappointing that security is severely lacking on DO. A password should also be required when deleting any resource. In fact, I think if 2fa is enabled, 2fa should be required along with the password (or make this optional).
You won't be notified about changes to this idea.