I've just signed up to Bitcoin Talk, and I was surprised that I wasn't asked to confirm my email address. I found this slightly disconcerting, as it means that a spammer can sign up with an alt name, and use somebody else's email address. If he makes this public, then it could cause problems for the rightful owner.
One other advantage of requiring email confirmation to a unique address is that it could reduce the number of alts being used by the spammers.
In a registration process the following are the standard procedures
1. Ask for the required information including email address.
2. Send a confirmation link in the email.
3. Active account using the confirmation link.
This way the system can confirm that the registered user own the email address.
In some case...
2a. Send a confirmation link in the email with a validation code.
3a. Upon clicking on the confirmation link once the user are on the new page then ask the user to enter the validation code. If the validation code match with the validation code in the email that sent earlier then active the account.
Wondering why SMF does not have this simple feature.
Someone can create an account with an invalid email account which never exists or with someone else's email account if they have a bad intention. They can do whatever they want and once they get caught then the whole community will blame that original email owner.
i.e: Imagine
[email protected]1 is trumps email account. Someone who hates trump (like me
) can easily create an account using this email address, he/she can conduct some super sensitive, highly risky activities in the forum. How would you know that it was not trump himself? In addition lets say Mr. Trump wants to create a BitcoinTalk account (LOL) then he will discover that he already have an account
1From my imagination only. I hope there are no such email address exists yet. Edit:
Whole trump things will be ruined if the investigators know that BitcoinTalk do not validate email address