> didn't want to scare me into giving up my email address using "account recovery" FUD
It's not FUD. I run a small website (about 10k daily visits) where you can log in and play some games and don't have the "reset password via e-mail" mechanism. You won't believe the amount of "I forgot my password, please reset it" requests I get from people.
Majority of people give more value to being allowed to be lazy and forgetful than you having their e-mail address on record.
I linked an email with my Reddit account long before it became recommended. Years later, I deleted that gmail account. Even more years after that, Reddit decided (automated) to lock my account until I reset my password for no discernible reason, the only option being via email. It took two weeks with support, across 3 different mediums of communication, to get it reset to a new email account.
I guess what I’m saying is that there is an internal motivation at play to get people to register their email accounts at Reddit, and it goes far beyond reducing customer support time because at present, they are going the opposite way. In fact, had I never registered an email, their automated account locking nonsense would never have triggered, and had I lost my password, their official policy is not to help at all.
I never considered what they'd do in the event of a forced password reset after a breach. Not a problem for my use case given I consider them throwaway accounts anyway. Maybe sites should have accounts specifically designed as throw aways. No visible karma, no email, clear indication that you can't recover if you forget password, if there is a breach, your account is deleted immediatley.
Listen up, I get your use case, but comparing it to Reddit is disingenuous, obviously they're not pushing to enter your email for being able to help you out of the good of their hearts.
Maybe your site does, but Reddit is a huge data mining company just like the other big players on the Internet. That is their motivation. Like Caprinicus' story demonstrates, if the situation were reversed, suddenly it takes weeks to provide customer support. That clearly shows the email isn't about being user friendly, they want to grab it just because they want to lock on to you and let themselves drift away from the anonymous registration they so proudly offered one day.
There's not a lot of goodwill left for this behaviour on the Internet.
I also hate being encouraged to enter my email, because I think they want to connect me up via other places I use that email. But I have various ways that I usually use to create a new email for every website, so they can't track me. I have to do a tiny amount of work to manage this but it is not so hard.
I guess other people aren't aware of how to do this or its too much work. Having an email does help the 'reset automatically' the account, without human intervention (when you still have the email).
It's not FUD. I run a small website (about 10k daily visits) where you can log in and play some games and don't have the "reset password via e-mail" mechanism. You won't believe the amount of "I forgot my password, please reset it" requests I get from people.
Majority of people give more value to being allowed to be lazy and forgetful than you having their e-mail address on record.