This proposal is mainly for large Foundation projects, but I think, for other major projects based on MediaWiki, it will also be useful.
Sometimes it happens that the flag of the bureaucrat is given or want to give out to participants who don't have an administrator flag. But the administrator’s flag can be given by bureaucrat’s clicking one mouse button, without any control. This can be done by an angry community member or the person who stole the account.
What if you create a setting that would allow you to give an administrator flag or any other only with the confirmation of another bureaucrat? This will protect the community from sudden violations with the flag of the bureaucrat. It will also allow the flag of the bureaucrat to be given without an administrator flag, since there will be no worries that the bureaucrat will give an admin flag for himself.