(no title)

I like the idea the author is taking about although I’m not too techie with all the details.

If I tried this “reverse” approach I would do it this way,

After the user creates their account, simply generate a unique token and tell the user to simply copy the token and send it back to a specific email address controlled by me with the token as the subject line and the body is ignored.

This way the user sends the unique code from the email address they want to use so we know it’s them cause how else would they get the unique token.

Is it 100% fool-proof? No. But most things humans touch is not secured 100% anyways but I’d like to think it’s a start.