Sign-Up Confirmation Email Should Be Mandatory

policy name: send_user_confirmation_email_not_enabled

severity: MEDIUM

Description

This security option enforces any new user to confirm their email address, and ensures the user is verified. This increases the security and integrity of the identities created within the system, and prevents situations where a user is spoofed by a malicious actor while using a legitimate corporate email address.

Remediation

1. Press Settings -> General
2. Expand “Sign-up restrictions” section
3. Toggle “Send confirmation email on sign-up”
4. Press “Save Changes”