Prevent Hacking

2 posts

Flag Post

Email changes on accounts should require a activation link sent to the email to change it. Currently all you need to change the email is the login password.

 
Flag Post

That’s not exactly a preventative measure, more just a precautionary one. People should not be able to guess/get access to your password in the first place. And besides, part of the reason why someone might want to change their linked email is that they no longer have access to their old one, so they wouldn’t be able to confirm the change in that case.