On a standard web signup form, users are required to have a unique email

Question

0

Asked: May 16, 20262026-05-16T16:43:45+00:00 2026-05-16T16:43:45+00:00

On a standard web signup form, users are required to have a unique email

0

On a standard web signup form, users are required to have a unique email for the site.

if the email is already in use, a new user cannot be created with that email – but this opens op for exploiting this to find out, what emails are members of the site (at least check if a specific email is in use).

Making sure a bot cannot mass-query is fairly straightforward – but is there a way to avoid it entirely?

The best thing I can come up with is letting the user create process fail with an unknown error and shooting an email to the address in the background, explaining password reset procedures.

Am I missing a better option?

Update:

I want to avoid taking the new user out of the registration process for the 99.9% of the time, when the email is actually unique. So halting the registration process to wait for the user to click a link in an email is not a perfect solution, although maybe viable in some use cases.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-16T16:43:46+00:00

Editorial Team

2026-05-16T16:43:46+00:00Added an answer on May 16, 2026 at 4:43 pm

Let the registration continue as normal, but in the confirmation email you should say:

"You allready have an accout bla, click here to cancel this registration, or continue with new registration and delete your current account"

That way, the spammers never know the better, and its very user friendly.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

On a standard web signup form, users are required to have a unique email

Update:

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply