With all the scary stories of theft at registrars, I have been thinking about another potential vulnerability. Even though we can use 2FA at most registrars and email providers, this feature seems to be missing at the leading marketplaces such as Sedo, Afternic and Undeveloped. Suppose someone gains access to your account there and changes the price of one of your best listed domains to a much lower BIN price and then purchases it? This would be particularly scary if your domains are in Sedo's or Afternic's Fast Transfer programs, since the domain could move to another registrar instantly. If the perpetrator does not lower the price to something totally unrealistic, it might be difficult to get the domain back. So I think it is time for marketplaces to offer 2FA as well. What do you think? Am I being overly concerned?