a bunch of accounts and those accounts could eventually become old enough for your standards.
If you can delay an attack for 2 years, that's a feature. It's a lot of time to prepare a defence, don't you think?
PS: I'm not trying to present a bullet proof idea, just ideas for a better protocal than DPOS, making use of data provided by the use of the accounts over the years and somehow incorporate that data on the protocol, per comparison increasing the cost of an eventual attack.
RE: Reputational Enhanced Delegated Proof-of-Stake (REDPOS)