That’s way easier to hack, no?

Whereas, requiring an unknown/unpublished email instead…, the odds are exponentially harder to hack an account.

I guess it’s not an issue if no one here has been hacked before, but on face value it seems like a bad idea.

Just curious. Maybe there is something beneficial I’ve not thought about. (I’m no website designer.)