|
|
|
|
|
|
by funkymike
2689 days ago
|
|
|
If you allow the full signup with the email confirmation after, then you are potentially sending the confirmation email to the wrong person. I have gotten sign up confirmations from other people using my email address. I have sometimes confirmed the registration, used the password reset to take over the account (since they use an email for the reset), then cancelled the account. If you aren't validating the email by sending an email that has to be replied to as part of the sign-up process (not after), then you are simply assuming that the email address was entered correctly without an opportunity for the person attempting the account sign up to correct it. |
|
|