Security of your users

I’ve got a great idea. How about you send an email to the account holder BEFORE someone accesses our accounts and changes our details, INCLUDING our very own email with our paid subscriptions. “Hi, your email has been changed to <email>“ that’s what I woke up to today and now I’m locked out of my paid account. thanks, that really does me a lot of good. Wouldn’t it be better to authorize said change with the account holder BEFORE letting this happen, rather than just let anyone who gains access to our Viki account?