One of the goals of email verification was to prevent a malicious user from using Psiphon to spam other people (partly so that we're not a nuisance to people, partly so that we don't end up looking like a spammer). If we allow no-rate-limited unsuccessful change attempts, then a malicious user can just keep putting in email address and forcing us to send out rapid-fire emails to whomever he wants.
This is related to another problem that has been discussed that I'll be adding a bug for shortly. (And then I'll add a link to it from here.)
I'm going to mark this as invalid. But if you have further input or I've missed the point, please add comments.
One of the goals of email verification was to prevent a malicious user from using Psiphon to spam other people (partly so that we're not a nuisance to people, partly so that we don't end up looking like a spammer). If we allow no-rate-limited unsuccessful change attempts, then a malicious user can just keep putting in email address and forcing us to send out rapid-fire emails to whomever he wants.
This is related to another problem that has been discussed that I'll be adding a bug for shortly. (And then I'll add a link to it from here.)
I'm going to mark this as invalid. But if you have further input or I've missed the point, please add comments.