rcsheets
commented
7 years ago I would think that having at least one verified way to contact an account holder should be required in order for an account to have any privileges, so this seems like a legitimate issue. It might not need to be an email, though. We could also support SMS or something.
I noticed that creating an account in sudoroom.org/humans did not require that the email be an authentic email..... isn't this a security weak point because someone could be registering hundreds of users with a simple bot script?