user validated himself

ok its happened again, starting to wonder about the security of elgg.  2nd time a user has created an account and validated himself on elgg 1.8.8.  I dont even have emails setup yet for a user to validate through email, can only be validated through admin, is there something to do different, or some plugin to keep this from happening?

Feedback and Planning

Feedback and Planning

Discussions about the past, present, and future of Elgg and this community site.