Zerodha should let client set the Client Id as long as it is unique within zerodha. One less thing to remember.
Two Factor Authentication really means authenticating using 1. Something that you KNOW like a password, pin or answers to secret questions and 2. something that you HAVE like a Key card, OTP token (or OTP received on mobile phone), fingerprint, retinal scan etc. Most brokers don’t do it properly including Zerodha and ICICIDirect. they just interpret it as two password authentication. A sample Key card is shown. This is the easiest way for a 2fa authentication.
Transaction password is removed. I think that was good since their web session does not expire ever so they should bring it back.