I guess Daniel should do a better job at explaining why he's making you wait the 2 weeks. Over the years people have never-endingly being trying to hack each others accounts. Sometimes it's even successful, as one one hand you want to do something simple like "all correct password attempts result in a login" but on the other hand, you have people constantly giving out their passwords (?!), downloading malware, sharing their physical computers with scammers, etc.

The email 2fa system is nice, because most email providers have their own advanced security and its much harder to trick someone to giving access to their email than their gambling account. It's obviously not perfect, and there's some edge cases. Like forgetting the email address you used and not being able to click the verification link. To accommodate them, I think Daniel is being very reasonable by forcing a two-week wait, which would give the real owner a chance to stop the account take over if that was the case.

I guess the part people don't see, is the whole account security is designed around a number of theoretical and actual attacks (e.g. malware, account sharing, computer sharing...). As soon as you use "common sense" to reset passwords/emails, you invalidate a lot of the design decisions. And not to mention granting exemptions just creates a whole niche for social-engineers to try abuse or use public-pressure to abuse.

So I'd recommend for your own sanity, you just forget about it and set a reminder for 2 weeks.  If you don't have your money then, you'll have some grounds to actually cry foul. If it's any consolation, I bet there's well over a hundred million dollars being stored on bustabit accounts.  If Daniel wasn't taking account security so seriously, it'd be a lot more concerning to me.