🚀 Feature: Don’t let users login without verifying email address #606

New Issue

Open

opened 2026-02-04 20:38:34 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2026-02-04 20:38:34 +03:00

Owner

Copy Link

Originally created by @NeurekaSoftware on GitHub (Jan 11, 2026).

Feature description

This feature request would build on #1223 and #810

Currently, users are able to login and authenticate without verifying their email address.

This results in:

• A malicious actor could register using another person’s email address to impersonate them.
• A malicious actor could block the legitimate owner from registering.
• A malicious actor could login to other apps using oidc.

Once again, this can be done within software applications directly, but I believe it is the responsibility of the OIDC provider to secure user accounts. As it stands, I cannot open signups to the web.

Pitch

• Please force email verification at signup, and do not create the account until emails have been verified.
• Do not let users change their email without first verifying the new email address.
• Any users that currently have an unverified email address, force them to verify it before they can login again.
• Do not allow users to authenticate with OIDC clients without first verifying their email address.

Originally created by @NeurekaSoftware on GitHub (Jan 11, 2026). ### Feature description This feature request would build on #1223 and #810 Currently, users are able to login and authenticate without verifying their email address. This results in: - A malicious actor could register using another person’s email address to impersonate them. - A malicious actor could block the legitimate owner from registering. - A malicious actor could login to other apps using oidc. Once again, this can be done within software applications directly, but I believe it is the responsibility of the OIDC provider to secure user accounts. As it stands, I cannot open signups to the web. ### Pitch - Please force email verification at signup, and do not create the account until emails have been verified. - Do not let users change their email without first verifying the new email address. - Any users that currently have an unverified email address, force them to verify it before they can login again. - Do not allow users to authenticate with OIDC clients without first verifying their email address.

OVERLORD added the needs more upvotes label 2026-02-04 20:38:34 +03:00

OVERLORD commented 2026-02-04 20:38:37 +03:00

Author

Owner

Copy Link

@jonnywright commented on GitHub (Jan 16, 2026):

Whilst I agree with the principle, I do think this should be an opt-in feature and not something enforced across all deployments (or at least retain the current feature of being able to manually mark an email address as verified). I expect that the types of deployments for this service are very diverse, and there could be instances where pseudo-email addresses are used, and therefore impossible to verify (perhaps in isolated, offline environments).

The way this issue reads to me is that all deployments should enforce actual email address verification, which may not be possible in some deployments.

@jonnywright commented on GitHub (Jan 16, 2026): Whilst I agree with the principle, I do think this should be an opt-in feature and not something enforced across all deployments (or at least retain the current feature of being able to manually mark an email address as verified). I expect that the types of deployments for this service are very diverse, and there could be instances where pseudo-email addresses are used, and therefore impossible to verify (perhaps in isolated, offline environments). The way this issue reads to me is that all deployments should enforce actual email address verification, which may not be possible in some deployments.

OVERLORD commented 2026-02-04 20:38:43 +03:00

Author

Owner

Copy Link

@NeurekaSoftware commented on GitHub (Jan 17, 2026):

Whilst I agree with the principle, I do think this should be an opt-in feature and not something enforced across all deployments (or at least retain the current feature of being able to manually mark an email address as verified). I expect that the types of deployments for this service are very diverse, and there could be instances where pseudo-email addresses are used, and therefore impossible to verify (perhaps in isolated, offline environments).

The way this issue reads to me is that all deployments should enforce actual email address verification, which may not be possible in some deployments.

Opt in sounds reasonable to me, I just need a way to deploy a public service securely. :)

@NeurekaSoftware commented on GitHub (Jan 17, 2026): > Whilst I agree with the principle, I do think this should be an opt-in feature and not something enforced across all deployments (or at least retain the current feature of being able to manually mark an email address as verified). I expect that the types of deployments for this service are very diverse, and there could be instances where pseudo-email addresses are used, and therefore impossible to verify (perhaps in isolated, offline environments). > > The way this issue reads to me is that all deployments should enforce actual email address verification, which may not be possible in some deployments. Opt in sounds reasonable to me, I just need a way to deploy a public service securely. :)

OVERLORD referenced this issue 2026-02-04 20:58:38 +03:00

[PR #606] [MERGED] chore(translations): update translations via Crowdin #849

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feat/email-verification

oidc-scopes

default-env-db-keys

slog-gorm

v2.2.0

v2.1.0

v2.0.2

v2.0.1

v2.0.0

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

bug

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label needs more upvotes

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id#606