We would like to 'protect' certain Teams/Group, where for certain actions (like destroy a droplet) an approval of a second team member is needed before execution.

Just like you now can 'force-2auth' to all users in a Team, you should be able to add 'force-4eyes' in a team.

For example; an account or device is hacked of one of the team members, and is able to login to the DO dashboard. During this the hacked account is deleting/destoying droplets and their resources. Now, all the droplets and resources will be deleted immediatly, which results in a single point of faillure security risk.