Email relies on insecure, outdated protocols such as SMTP. It was never designed to be used in the context of authentication, and it certainly shouldn't be used for sensitive communications when secure communication protocols such as the [Signal Protocol](https://signal.org/docs/) or [SimpleX Chat Protocol](https://simplex.chat/docs/protocol/simplex-chat.html) exist. Furthermore, requiring email for sign ups poses a privacy risk, since an email address is usually tied to a lot of personal information. While email can be made "less bad" in terms of privacy and security, the best course of action is to remove the requirement altogether.
# What does this mean for server load?
Anyone can create an email address. That means that any mass sign up risk that is present without requiring emails is still present even if you require emails. The best an email requirement can provide is an unreliable method to ban unsavory users. Again, these users can just create another email address to trivially evade the ban. There are much more reliable methods to ban users and prevent mass sign ups than checking emails. Removing the requirement for emails would also benefit some of the server infrastructure, such as the email servers. It makes creating an account very low maintenance, with little human oversight needed.
# What about contacting users?
When I [first brought this issue up](https://codeberg.org/Codeberg/Contributing/issues/61#issuecomment-6528922), one of the concerns presented was communication with users. That is a valid concern, but not one that requires an email to solve. There is [no shortage](https://privacyspreadsheet.com/messaging-apps) of [communication methods](https://eylenburg.github.io/im_comparison.htm). As mentioned before, [Signal](https://signal.org/) and [SimpleX Chat](https://simplex.chat/) are some of the gold standards among these protocols.
In the simplest case, Codeberg could provide a built-in method of contact. If a user is warned or punished, they will still be able to access this menu to discuss or appeal the issue. This provides granular control over how communication standards are met, as well as not needing to rely on a third party service like email. However, designing a contact service from scratch is cumbersome to maintain, so there is a trade off.
Another option would be to instead require, on sign up, any arbitrary form of contact. There could be a drop down menu with options such as Email, Phone Number, Signal, SimpleX Chat, Custom, etc. At least one of these must be provided to sign up. This removes the reliance on email while still providing a way to contact the user. Of course, it would be better to just pick one method of contact across the whole service and stick to it, but that should not be email.
# Next generation accounts
Many projects such as [Mullvad VPN](https://mullvad.net/en/vpn), [IVPN](https://www.ivpn.net/en/), [KYCnot.me](https://kycnot.me/), [SimpleX Chat](https://simplex.chat/), [Session](https://getsession.org/), and more require no information to use, not even a password. They randomly generate an account number which is used to log in. If this seems odd, remember that most cryptocurrencies do the same thing. This is the gold standard for privacy and anonymity, and combining it with passkey authentication makes it even more secure.
While this is a bigger step than only requiring a username and password, it is where Codeberg should try to be headed. If a user does not want to provide a method of contact, that is their choice and they hold full accountability for the consequences. This is a scenario in which having a built-in contact method becomes useful. In any case, email should not become the scapegoat for communication, authentication, etc. The risks are far too high.
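The "random account number instead of username and password" login described under "Next generation accounts", as an added example that is not part of the comment above and not Codeberg's or Forgejo's code. It assumes a hypothetical `Store` holding only HMAC tags of account numbers under a server-side secret pepper, a 16-digit number in the style of Mullvad, and a per-client lockout threshold `maxFailures`; all of those names are illustrative. The two controls it shows are the ones a practitioner would insist on before shipping such a scheme: the number is never stored in the clear (16 decimal digits is only about 53 bits, well within reach of offline brute force against a plain fast hash, which is why the tag is keyed), and online guessing is rate limited.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"math/big"
	"strings"
)

// Added example, not Codeberg/Forgejo code: account-number login in the
// style the comment describes (Mullvad-like 16-digit numbers).
const (
	accountDigits = 16 // 10^16 values, roughly 53 bits of entropy
	maxFailures   = 5  // hypothetical lockout threshold per client
)

var (
	ErrBadFormat   = errors.New("account number must be 16 digits")
	ErrLockedOut   = errors.New("too many failed attempts")
	ErrNoSuchLogin = errors.New("unknown account number")
)

// Store keeps only HMAC tags of account numbers. The pepper is a server-side
// secret (assumed to live outside the database); without it a leaked table
// of tags cannot be brute-forced offline, which matters at 53 bits.
type Store struct {
	pepper   []byte
	tags     map[string]bool // hex(HMAC-SHA256(pepper, number)) -> exists
	failures map[string]int  // client id -> consecutive failed logins
}

func NewStore(pepper []byte) *Store {
	return &Store{pepper: pepper, tags: map[string]bool{}, failures: map[string]int{}}
}

// NewAccountNumber draws a uniformly random 16-digit number from crypto/rand.
func NewAccountNumber() (string, error) {
	limit := new(big.Int).Exp(big.NewInt(10), big.NewInt(accountDigits), nil)
	n, err := rand.Int(rand.Reader, limit)
	if err != nil {
		return "", err
	}
	s := n.String()
	return strings.Repeat("0", accountDigits-len(s)) + s, nil
}

// Normalize strips the spaces and dashes users type ("1234 5678 9012 3456")
// and rejects anything that is not exactly 16 ASCII digits.
func Normalize(input string) (string, error) {
	var b strings.Builder
	for _, r := range input {
		switch {
		case r == ' ' || r == '-':
			continue
		case r >= '0' && r <= '9':
			b.WriteRune(r)
		default:
			return "", ErrBadFormat
		}
	}
	if b.Len() != accountDigits {
		return "", ErrBadFormat
	}
	return b.String(), nil
}

func (s *Store) tag(number string) string {
	m := hmac.New(sha256.New, s.pepper)
	m.Write([]byte(number))
	return hex.EncodeToString(m.Sum(nil))
}

// Register creates an account with no email, username or password and
// returns the number exactly once; the server keeps only its tag.
func (s *Store) Register() (string, error) {
	for {
		number, err := NewAccountNumber()
		if err != nil {
			return "", err
		}
		if t := s.tag(number); !s.tags[t] { // collision check is cheap
			s.tags[t] = true
			return number, nil
		}
	}
}

// Login checks a presented number. client identifies the caller (IP or
// session) for lockout accounting; the lockout is what keeps 53 bits safe online.
func (s *Store) Login(client, input string) error {
	if s.failures[client] >= maxFailures {
		return ErrLockedOut
	}
	number, err := Normalize(input)
	if err != nil {
		s.failures[client]++
		return err
	}
	if !s.tags[s.tag(number)] {
		s.failures[client]++
		return ErrNoSuchLogin
	}
	s.failures[client] = 0
	return nil
}

func main() {
	store := NewStore([]byte("replace-with-a-real-secret-pepper")) // hypothetical pepper
	acct, err := store.Register()
	if err != nil {
		panic(err)
	}
	fmt.Println("your account number (shown once):", acct)
	fmt.Println("login:", store.Login("203.0.113.7", acct))
	fmt.Println("wrong:", store.Login("203.0.113.7", "0000 0000 0000 0000"))
}
```

A real deployment would persist the tags and failure counters and would tie the lockout to more than one client key (per number as well as per source), but the shape is the same: the account number is the only credential, and the server treats it exactly like a password it must never be able to read back.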