Something I’ve never ever considered since this very discussion: Why are all services even asking for an email in the first place?
If you get rid of all the notifications or other usages (what was considered here) and if you don’t consider all the reasons why the PROVIDER of the service does want it (build a database, being able to mail announcements, potential ads, limit a little mass account creation? [not really], maybe have a way to contact the user, etc.), from the USER POV: Why? If you actually don’t want to be contacted nor receive any email.
I can only see the recovery of the account in case you lost your password and confirming you have control over the email in case your account has been hacked one way or another.
Haven’t we also been “used to it”, and don’t even ask ourselves the question since a while? In the case of email, it’s quite OK, I feel, as you don’t necessarily have to give out “your” email address but can always create another one if you want (which is harder with a phone number!).
Isn’t there an argument to allow a “no email” account creation? Or to render the email address optional? I know quite nobody does it, but why!?
Fair enough, but there may be an argument for a “bitcoin” way of doing things (on option only, the user decides): You lose your password, you don’t complain, that was your choice and you chose to be responsible about safeguarding it. We also can imagine alternative ways to recover accounts, not needing an email or phone number (not needing any contact method, in fact).
I mean, it seems possible to me to have an option for a private / no hassle way of registering if one chooses to (and if the admins are willing to): Username and password, that’s it. No contact method, no verification of the latter (same: Why exactly is there these email verification we all got used to? It doesn’t seem to make sure there wasn’t a typo as you often cannot correct the email. It’s to make sure you gave a valid email, because you have NO CHOICE. You have to provide one, and god forbid you just gave a false email on purpose. There are still temporary email services, indeed)
A “no email” registration method may also solve the purpose of this topic.
Yes, it is known SMS isn’t secure for IMPORTANT stuff. Email isn’t either, it’s probably far worse! But SMS appears as being pretty safe, when it isn’t really.