I believe that I just wrote my previous thread very badly, as everyone focused on the title and almost everyone talked about the pros and cons of compulsory/mandatory two factor authentication on everyday log in procedure.(Actually I never ever imagined that one of our competitor game would put something like that mandatory, because LOTRO is the only "English" MMO I play. I also understand the cons because I experienced various methods in some other games, though not compulsory.)
At least in this thread I don't want to talk about inconvenience regarding everyday log in procedure. Actually I'm more curious in "recovering taken-over account."
The first way is to click "Forgotten your password" in myaccount.standingstonegames.c om. then the reset e-mail will be sent to your linked e-mail account.
However this method can be disabled too easily because "account robber can change your linked e-mail address immediately" in the same website if she successfully robbed your account password.
Then you should go to https://help.standingstonegames.com/ and use tickets, however it could be very time-consuming and troublesome.
LOTRO is not a P2W game or some game to do with real money trading, so robbing someones account only temporarily won't make much benefit.
It is the reason that I believe that applying authentication procedure to changing linked e-mail account in "ACCOUNT PROFILE" in https://myaccount.standingstonegames.com/ will be way more effective than inconvenient everyday authentication.(The method can be various such as e-mail itself and other two factor methods, however it will be easier to provide various method in the website than in the launcher.)
Of course it should be optional and selective. Then only someone who chose to use authentication procedure however lost their tool/method later and want to change their linked e-mail address will need ticket to solve that problem in help website.