> an account-takeover problem email doesn't have, for a couple of reasons.
> For email, the namespace is large.
> As far as I know personal email providers don’t reuse identifiers.
Email providers vary, their policies can change, and "don't reuse" may only mean "...for a year or few".
Or - if the email address is "@MyDomain.com", you have issues with expired domain name being picked up by less-than-saintly new owners.
mooreds•1h ago
That's a good point. The behavior varies wildly based on the domain provider and the behavior when you let a domain expire is similar to what happens when a phone number is deactivated, but with a possibly bigger blast radius.
bell-cot•1h ago
> For email, the namespace is large.
> As far as I know personal email providers don’t reuse identifiers.
Email providers vary, their policies can change, and "don't reuse" may only mean "...for a year or few".
Or - if the email address is "@MyDomain.com", you have issues with expired domain name being picked up by less-than-saintly new owners.
mooreds•1h ago