|
|
|
|
|
|
by Cthulhu_
1522 days ago
|
|
|
Simple validation is easy enough to implement and will cover 99% of cases. For the rest you use verification, have the user activate their account before doing anything. Which is a pet peeve of mine; I've got an older e-mail address that probably ended up on some list, now there's people from Thailand and the UAE registering accounts using that e-mail address. Now while my account is still secure (2FA, long password, the works), it doesn't stop people from using it. Services like this one webshop and Deezer and probably a few others do not wait for e-mail verification before allowing users to place orders or use their service, or at least the free trial part of it. |
|
|