Let's say you once worked in a company called Example Engineering Corporation, a very big and respected company. In fact, it is the biggest engineering company in the world, and it is a huge career accomplishment to be employed by it.
When you were an employee, you were given a corporate email, and you used it in Github so you could show everybody that you were working in the big leagues.
Thing is, you no longer are employed by Example Corporation. But to Github, that email is still valid, giving you an identity that you shouldn't have anymore.
So, should websites, specially the ones that can provide oauth authentication, ask you to periodically confirm if your email is still valid?
Top comments (2)
I have a github student pack, it is valid for 2 years then they ask me for re-verification. I think you should do the same thing.
If the account has been inactive for some time (say two years), it seems to me that asking to confirm the associated email is still valid is prudent.