We have actually already addressed this problem in our developments, which offer a phishing-proof login, meaning that even if an adversary knows your password and username, they will still not be able to access your account. I believe adding this at the access level is important, rather than doing it only for withdrawals, as many customers do not encrypt their address; therefore, in the situation where they could not access funds due to withdrawal security, you could be put in a worse situation if they decide to save customer addresses and use that as leverage over vendors/staff. However, this additional security feature must be turned on and is not enabled by default, so it is the responsibility of the vendor to safeguard his/her account.