  • Security Hole

    06. 22. 2011 06:12


Gtdawg
In case anyone was wondering, they should change their passwords immediately.

There is a massive security hole in how accounts and emails are verified that I've been talking about for a week.

I have submitted a support ticket already, but it is a change that can't happen right away.

If you have given your account password out to anyone at all, change the password as soon as you read this.

Do not assume that having the trade password provides additional security!!!!!!!!!!!

The announcement stated that this website included increased security when, in fact, they've undone a few things and have completely opened up everyone to losing their account.


  • Re : Security Hole

    06. 25. 2011 00:22


Rick5000
What moron gives his password away...
Sorry but they shouldn't share/sell/lend out accounts

  • Re : Security Hole

    06. 25. 2011 06:35


ionviol2
What are the odds someone knows the email address to which an account is linked, let alone the password to it so that they can obtain the confirmation code which they are prompted to provide every time they make an essential change to the account?

Sorry, but it looks to me you got it all wrong this time around, GT and you are just spreading paranoia amongst an already paranoid and borderline retarded community.

The new system may have its flaws, but overall it is much more secure than before. Obviously, there's always someone giving away both their email address and password to it. Because hey! They absolutely need to do it so that they can call HACK! on everyone else every now and then.

  • Re : Security Hole

    06. 25. 2011 07:05


Gtdawg
You do realize that the confirmation code is sent to the NEW email address, right? Again, for the fifth time, you don't need the current email address and login.

When you change the email address and ask for a confirmation code, the confirmation code is sent to the NEW email address.

You don't need the currently linked email and password at all.

I'm not sure why people continue to confuse this and proclaim everything to be ok while not understanding how the system works. The only thing I can think is that people would never think that a confirmation code should only be sent to the new email address, so they just assume it works how a normal email change would work by asking permission before changing.

Come on, I would think you'd understand how the system works before admonishing someone and making a joke of the situation since, obviously, you know how it works.

Again, copied directly from the change email section:
A Confirmation Code will be sent out to your new email address after you click the “Confirmation Code” button.
Please contact one of our assistants if you have a problem with verifying your email address.

====
And, even though I didn't want to...I did just change the email address on my account to prove my point.

The email I got states (this was received at the NEW email address):
You recently requested a confirmation code for your navyField.com account
Please use the confirmation code below to complete your request
*Confirmation Code*
This email has been sent to your contact email associated with your Navyfield.com account
If you did not request a new email, someone may have been trying to access your account
Please ignore this message, if the request wasn't done by you.
For more information, you can send us a support ticket at http://fm.en.kupaisky.com
====

I checked the old verified account for my NF account and there is no email notification that the email was changed.

At this point, I have the password and a brand-new verified email. I can change any information about the account with no recourse whatsoever for the original account holder. I have the new email address which will allow me to change the password with a confirmation code sent to an email that I control. I can then use the new password and new verified email to change the trade password.

Anyone else want to laugh it off as a hacker needing the email and password for the currently linked account while accusing me of spreading fear?

Go ahead and try it if you don't believe me. Of course, I guess you could just never verify your account on this new site and then you'll never have to worry about it. That seems like a reasonable solution. Just never log in to your personal account on this new site and never verify the account information, that way nobody can ever edit the information (including you). But, for most people, they've probably already verified their account on this new site. So, if someone gets that password, they can change the entire account with the original owner never knowing what happened.

  • Re : Security Hole

    06. 25. 2011 07:24


ionviol2
The conf code was sent to the old email assigned to my account. I could not change my email address unless I provided that conf code.

So let me get this straight, you can instead specify the email address for the conf code to be sent to? It makes no sense.

Anyways, I have completely missed that part when screwing around with my account. Lemme check.

Later Edit: yep, what the f***? Why am I able to provide an alternate email address for the conf code to be sent to? Why the f*** would I want to do or allow for that?

Sorry, I did not get this the first time because I am a sane person who finds it counterintuitive to ever suspect that anyone in their right minds would allow for such bs. It does require some clicking around though.

  • Re : Security Hole

    06. 25. 2011 07:31


Gtdawg
You have to confirm your account first, to make the account active. However, everyone has already done that if they are posting on this new site.

So, the original account holder would have to confirm the account. (Something we were told to do as soon as this new website went active). However, once the account is verified, you don't need to KEEP doing that every time you want to change information.

To double-check what I was talking about, I just had my mother log in to NavyField.com with my account and password on a computer that I have never used to access this forum.

While I walked her through it, she was able to get to the email change section without needing to verify the account. At that point, she could've changed the email address.

When you click on your name after logging in, you are taken to the verify account thing where it states that you need to do this before changing personal information. However, all you need to do is click on "change email" and start with the email verification process. You don't have to verify your account before doing that.

The account verification thing that you see when you first enter your account is purely to change the name, address, birthdate, avatar, phone number.

  • Re : Security Hole

    06. 25. 2011 07:34


Gtdawg
Originally Posted by ionviol2

Later Edit: yep, what the f***? Why am I able to provide an alternate email address for the conf code to be sent to? Why the f*** would I want to do or allow for that?

Sorry, I did not get this the first time because I am a sane person who finds it counterintuitive to ever suspect that anyone in their right minds would allow for such bs. It does require some clicking around though.


See...

That's why I've been prattling on about this. The old website did the same thing, however, you needed the account password and the second (trade) password. Considering the use of the second password and how people usually guard that with their life, it is reasonable to assume that there is enough security to prevent abuse.

Now, they removed the need for the second password on the website AND they send the confirmation code to the new email address.

It is ridiculously insecure and no reasonable person would think that you should send the confirmation code to the NEW email address without notifying the OLD email address in any way, shape, or form.
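The flaw Gtdawg describes in this post and the earlier one (code mailed to the new address, old address never told) can be made concrete in code. This is an added illustration, not NavyField's code: `Outbox` is a constructed stand-in for the mail server, `request_change_weak` models the flow as the thread describes it, and `request_change_hardened` shows the fix the posters are asking for, sending the code and a notice to the current address instead.

```python
import secrets


class Outbox:
    """Constructed stand-in for the mail server: records every message sent."""

    def __init__(self):
        self.messages = []          # list of (recipient, code_or_None, note)

    def send(self, to, code, note):
        self.messages.append((to, code, note))

    def codes_for(self, addr):
        """Codes that landed in a given inbox (what that inbox's owner can read)."""
        return [c for t, c, _ in self.messages if t == addr and c]

    def notes_for(self, addr):
        return [n for t, _, n in self.messages if t == addr]


class Account:
    def __init__(self, email, password):
        self.email = email
        self.password = password
        self.pending = None         # (code, proposed new email)


def request_change_weak(acct, password, new_email, outbox):
    """Flow as described in the thread: the code goes to the NEW address and
    the current address is never told, so the login password alone rebinds
    the account."""
    if password != acct.password:
        return False
    code = secrets.token_hex(4)
    acct.pending = (code, new_email)
    outbox.send(new_email, code, "confirmation code for your email change")
    return True


def request_change_hardened(acct, password, new_email, outbox):
    """Hardened flow: the code goes to the CURRENT address, which is also told
    which address is trying to replace it, so the real owner can refuse."""
    if password != acct.password:
        return False
    code = secrets.token_hex(4)
    acct.pending = (code, new_email)
    outbox.send(acct.email, code, f"request to change your email to {new_email}")
    return True


def confirm_change(acct, code):
    """Second step of either flow: a valid code rebinds the address."""
    if acct.pending is None or not secrets.compare_digest(code, acct.pending[0]):
        return False
    acct.email = acct.pending[1]
    acct.pending = None
    return True
```

In the weak flow the only inbox that ever sees a code is the one named by whoever holds the password; in the hardened flow that inbox sees nothing and the current owner gets both the code and the notice.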

  • Re : Security Hole

    06. 25. 2011 07:35


ionviol2
Originally Posted by Gtdawg
quote


Indeed, you may provide ANY email address to authorize an NF account. I get it now. What can I say? wow?

Beyond your password there is absolutely no security to your account; everything has been rendered redundant thanks to mere oversight (which they have not corrected yet?!).

At least before, as in before the ingame 4 digit pass, one could at most steal your sailors and credits. Now, they can simply take over your account in its entirety by linking it to a different email.

On top of that, the ingame 4 digit pass is completely redundant since it can be changed with a couple of mouse clicks.

Stupid.

Good find. Thank you :)

  • Re : Security Hole

    06. 25. 2011 14:28


Tarawa
You do not even need the pw for the account. I used a new email account to have them send me a new temp password, verified it, changed the pw, all using just the account name and a new email.

  • Re : Security Hole

    06. 26. 2011 23:16


philistine
Soooo......... any updates on this situation or will $DE just ignore for 3 months ?

  • Re : Security Hole

    06. 26. 2011 23:24


V2CxBongRipz
Originally Posted by philistine
Soooo......... any updates on this situation or will $DE just ignore for 3 months ?



How does it always work? :P
