Ability to disable main FTP account when using 2FA
As a cPanel user and sysadmin, I would like the main FTP account (that comes enabled by default with every newly created cPanel account) to have the ability to be disabled on a per user basis.
This is because when you enable the 2FA feature on a cPanel account, only the cPanel UI (i.e., /cpanel) gets protected by 2FA. The FTP account (which uses the same credentials with the cPanel account) is not protected by 2FA.
E.g., an attacker (that knows the cPanel credentials) can by-pass 2FA by simply using FTP. Once logged-in to FTP, they have full access to all files inside /home/user/ directory.
Having the ability to disable the main FTP account solves this issue.