calmPress / calmpress

A modern CMS based on WordPress
https://calmpress.org/

User email change process #350

Closed markkap closed 9 months ago

markkap commented 1 year ago

In WordPress a user can change his email with a relatively simple process - in the profile page he can change the email address field, a mail is sent to the new address with an approval link to follow, and once the link is followed the new email is set as the user's email.

This process is bad, as if someone can get access to the user's PC while he is logged in, he can change the email and password, log out, and the user will not have any way to regain access without server administration intervention.

It is worse for calm as we do not use user names for login, just email; therefore a user will not be able to complain that he lost access to account "abcdef" and have an admin change the email for him. It will just be impossible, as the connection between the email and the user will not exist anymore and it will not be possible to find the relevant account to restore the correct email address.

Final iteration (for now): the user needs to verify/approve the new email address by following a link sent to it. In addition, an "undo" link is sent to the old address.
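A worked model of the flow described in the final iteration above, added here as an illustration; it is not calmPress or WordPress code. It is a constructed in-memory service: the new address receives a confirm token, the old address receives an undo token, only hashes of the tokens are stored, and the undo link keeps working after the change has been confirmed so the original owner still has a way back to the account. The `CONFIRM_TTL` and `UNDO_TTL` values, the `outbox` list standing in for mail delivery, and the class and method names are all assumptions of this example.

```python
"""Constructed model of an email change with a confirm link and an undo link."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

CONFIRM_TTL = 24 * 3600       # lifetime of the link sent to the new address (assumed)
UNDO_TTL = 7 * 24 * 3600      # window in which the old address can revert (assumed)


def _digest(token: str) -> str:
    """Store only a hash of each token so a leaked table does not expose live links."""
    return hashlib.sha256(token.encode()).hexdigest()


@dataclass
class User:
    user_id: int
    email: str


@dataclass
class PendingChange:
    user_id: int
    old_email: str
    new_email: str
    confirm_hash: str
    undo_hash: str
    requested_at: float
    confirmed_at: Optional[float] = None


class EmailChangeService:
    def __init__(self) -> None:
        self.users: Dict[int, User] = {}
        self.by_email: Dict[str, int] = {}        # login lookup: email -> user id
        self.pending: Dict[int, PendingChange] = {}
        self.outbox: List[Tuple[str, str, str]] = []  # (to, kind, token); stand-in for mail

    def add_user(self, email: str) -> User:
        user = User(len(self.users) + 1, email)
        self.users[user.user_id] = user
        self.by_email[email] = user.user_id
        return user

    def login_lookup(self, email: str) -> Optional[User]:
        uid = self.by_email.get(email)
        return self.users.get(uid) if uid is not None else None

    def request_change(self, user_id: int, new_email: str, now: float) -> None:
        user = self.users[user_id]
        if new_email in self.by_email:
            raise ValueError("address already belongs to an account")
        confirm_token = secrets.token_urlsafe(32)
        undo_token = secrets.token_urlsafe(32)
        self.pending[user_id] = PendingChange(
            user_id, user.email, new_email,
            _digest(confirm_token), _digest(undo_token), now)
        # The new address must prove it is reachable; the old address gets a way back.
        self.outbox.append((new_email, "confirm", confirm_token))
        self.outbox.append((user.email, "undo", undo_token))

    def _find(self, token: str, kind: str) -> Optional[PendingChange]:
        h = _digest(token)
        for change in self.pending.values():
            stored = change.confirm_hash if kind == "confirm" else change.undo_hash
            if hmac.compare_digest(stored, h):
                return change
        return None

    def _set_email(self, user_id: int, email: str) -> None:
        """Keep the email -> user mapping intact, since login is by email only."""
        user = self.users[user_id]
        self.by_email.pop(user.email, None)
        user.email = email
        self.by_email[email] = user_id

    def confirm(self, token: str, now: float) -> bool:
        change = self._find(token, "confirm")
        if change is None or change.confirmed_at is not None:
            return False
        if now - change.requested_at > CONFIRM_TTL:
            del self.pending[change.user_id]
            return False
        self._set_email(change.user_id, change.new_email)
        change.confirmed_at = now   # record is kept so the undo link still works
        return True

    def undo(self, token: str, now: float) -> bool:
        change = self._find(token, "undo")
        if change is None or now - change.requested_at > UNDO_TTL:
            return False
        # Valid both before confirmation (cancels it) and after (reverts it).
        if change.confirmed_at is not None:
            self._set_email(change.user_id, change.old_email)
        del self.pending[change.user_id]   # single use
        return True
```

The point of keeping the `PendingChange` record after confirmation is the scenario in the issue: if the new address was set by someone with access to a logged-in session, the original owner can still follow the undo link from the old mailbox and the email-to-account mapping is restored, so the account is findable again.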