Their support accused me I didn't protect enough the account with 2-factor protection: true, but I investigate and tested their system and 2-factor activated option is easily removable without any password
Explain.
When I set 2-factor authentication on their security options, after i logged out. I re-login, I back to security options, and I was able to remove the 2-factor option WITHOUT the use of itself.
To be clearer, if after I set 2-factor protection somebody steal my user and password and login from the homepage, he/she is also able to remove the 2-factor protection, add another btc address, and withdraw all the balance. So their 2-factor protection is a pure fake, just an illusion to be protected.
You have to use 2fa to log in when 2fa is enabled. So, no, you can in fact not remove 2fa without the use of 2fa, unless you specifically choose to set things up that way. In which case you are deliberately sabotaging yourself and so deserve no pity. You are just another random fudster.
But that's not the important part. Why weren't you using it? Why would you intentionally weaken security for your money?