Hmmm, I could see that different ADMINs could be utilized but to keep it simple at first I would be happy as I mentioned before. The point was to give it a real layer of protection - right now anyone with admin privileges can go and can alter the settings to change the plugins.
I think to be a real protector it should require a user name and password, even if its different then the Admin. BUT if it gets lost, the primary admin which is set in the settings should be the top of the chain and a password be sent to that address if possible.
Also another twist, it is very frustrating when you go to the plugin section but your system is running smoothly and they you get bombarded with update requests which should be tied in to the plugin protector. Basically if the plugin is protected, then the update button should be in the plugin protector screen and on the standard plugin page, have a note - updates available see plugin protector but not allowing the plugin to be updated unless through your screen.
Sorry if I wrote to much and thanks for your time.