This feels very not right… How can they refuse email change? Can only imagine how many people who eventually change their emails and want theirs changed too. What a shitty thing.

  • Jackinopolis@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    10
    ·
    1 year ago

    What else is reasonable to use to uniquely identify users? A username they’ll forget? A phone number maybe? But who wants to give their phone number to some company? We could use SSN like Korea, but that’s way too far for a typical user.

    • Nougat@kbin.social
      link
      fedilink
      arrow-up
      29
      ·
      edit-2
      1 year ago

      You want to use a value which will never change, so you don’t use anything the user provides at all. When a user creates an account, that account is assigned a unique identifying value by the application. This is how objects are identified in Active Directory, for example: each user, computer, group, etc. gets a Security Identifier (SID). That SID never changes, and the value is never repeated for any other object ever, even if the original object is deleted. Every other property of the object can be changed.

      Basically, the key value to say “this account is this account” should never ever have any other purpose.

    • Still@programming.dev
      link
      fedilink
      English
      arrow-up
      18
      ·
      1 year ago

      you would use some form of UUID or GUID and then have email as a secondary to look the ID up