suggested by hoo.
Version: unspecified
Severity: normal
suggested by hoo.
Version: unspecified
Severity: normal
Who should the new account created belong to? The performer or the target user? We can probably send a random password to the user's email during the process.
Is this still relevant after rECAU867b0d779456: Make antispoof reject previously existing users.?