2FA when users can register their own clients

[ashfame]

When we reach the point of user registering their own client for whatever needs, we should 2FA them to be really sure about the intent, to prevent possible misuse of their account.

Also admin should have moderation control over clients being registered and only when approved, a registered client should go live.