Option to require additional 2FA for backstage (or running commands)

I love the backstage option, but the fact that you can get in with no authentication is absolutely scary.  I dont necessarily want to turn this off, but I feel like an additional 2FA code requirement, would at least provide some level of authentication.  

I also feel like the same should apply to running commands from the machine's page.  

When remotely controlling a machine, there is likely some form of login prompt required to access the machine.  Providing command access and backstage access without any authentication seems like a massively exploitable security hole.  

Please consider this.