Developers at large corporations are strictly informed that they are not the public face of the company and can't do that. These aren't mom and pop developer shops.
I agree to some extent but large companies do staff roles that have public outreach as part of their job description. Suggesting that no one is able to say "there is an internal ticket for this" is not the full answer.
Really? I've never seen anyone at Google or Apple who's in a "staff role with public outreach as part of their job". I don't think any big tech companies have those.
Job descriptions are usually something like: "As a Technical Evangelist, you will be the face of the platform and often the first contact our customers have with us, both online and in person."
Do tech evangelist roles really have the power to send things back to the product teams? They always seemed more like platform adoption/marketing people.
That's... not what technology evangelists do. Tech evangelists are the public face of a specific, often open-source, product/project. There are no tech evangelists for "all of Google". These are narrowly-defined roles, and they aren't empowered to be the public face of the company outside of that area.
These places are large complex organizations. Event at small places it's difficult to find the right person the feedback would go to. That also assumes that the person who takes in feedback can actually change anything.
My guess is that they want to implement the feature but the security burden is so high that it's not worth it. When everyone's ${stereotypical_computer_illiterate_user_of_choice} starts using MFA and losing their 2FA solutions, it may be worth tackling, but until then, I imagine the number of impacted users is relatively low.