I recently had a hack involved with another e-mail account from someone outside the US and then logged in to Roll20 and saw the default language had changed. I don't know if this was something I did accidentally, a roll20 bug, or a person who had a password and identified another associated e-mail checking yet another site. I looked for a "log out of all devices" option and there wasn't one. I saw a forum for someone else requesting the same thing and saw you can e-mail roll20 and ask them to manually log you out of all devices. Seems like a delay in handling a security issue, but whatever. I sent the request, and the immediate response I got was, "Please confirm you're the account holder and this is the correct e-mail and we'll delete your account." What the eff?!?!?! I have thousands of dollars of purchases and active games on here. I have no desire to delete my account and said as much. Why is this such a difficult task to achieve? This should absolutely be the a default security option for anyone running a website that encourages you to store payment information.
