Title: User security
Last modified: August 22, 2016

---

# User security

 *  [eneoth](https://wordpress.org/support/users/eneoth/)
 * (@eneoth)
 * [11 years, 9 months ago](https://wordpress.org/support/topic/user-security-1/)
 * I am having dificulty understanding why user security and validation is so vague
   in WP.. Surely email verification should come as default?
 * Anyway I have been trying to find a solution to user security. All I can seem
   to find are plugins that send email validation links on **registration**. This
   is great, however a user can the log in and just change the email to [foo@par.com](https://wordpress.org/support/topic/user-security-1/foo@par.com?output_format=md)
   no questions asked. Either
    a) I now have an unverified user; or b) A potential
   hacker has just hijacked the account.
 * Surely I am missing something here, these features predate WordPress so there
   must be a solution?

The topic ‘User security’ is closed to new replies.

## Tags

 * [email](https://wordpress.org/support/topic-tag/email/)
 * [validation](https://wordpress.org/support/topic-tag/validation/)
 * [verification](https://wordpress.org/support/topic-tag/verification/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 0 replies
 * 1 participant
 * Last reply from: [eneoth](https://wordpress.org/support/users/eneoth/)
 * Last activity: [11 years, 9 months ago](https://wordpress.org/support/topic/user-security-1/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics