I am very excited to deploy the login with Google - this is a great feature.
However, I need to figure this out before I can deploy.
Since we don’t verify user’s ownership of email address with ADALO sign up, how do I prevent others from hijacking someone else’s email.
- BadGuy creates a new ADALO login - email@example.com
- The real owner of firstname.lastname@example.org signs in with Google login.
- BadGuy signs in using ADALO login and steals his info
What’s your thoughts on best way to deal with this?