I suggest that every mailbox, not only the User Account Member Tools page, provide 2fa when logging in to the Member Tools available for each individual mailbox. There, passwords can be reset.
Another concern regards security for the Account Username itself. An email address such as Username@sonicnet would obviously be unsecure. However, my Account Username can be found by an intruder who breaks into the Member Tools page for an individual mailbox. I want no one to get my User Id.
In short: to protect mailbox password changes, implement 2fa capability for each mailbox.
Also, hide the Account Username in individual mailbox Member Tools.
Another concern regards security for the Account Username itself. An email address such as Username@sonicnet would obviously be unsecure. However, my Account Username can be found by an intruder who breaks into the Member Tools page for an individual mailbox. I want no one to get my User Id.
In short: to protect mailbox password changes, implement 2fa capability for each mailbox.
Also, hide the Account Username in individual mailbox Member Tools.