Well, I don't mean it is very hard. But as usually, not doing this at
all is easier. That is my point :)
If you ask for consent and be transparent about what you store, for what reason.. then you will comply. Do not store more than you need.
Note that by GDPR, I think, this probably should be stored on servers in the same region where user resides. That may be painful. Though workaround is to store only hash of email and then ask for user to enter it (and compare hash) when user wants password reminder...
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Well, I don't mean it is very hard. But as usually, not doing this at
all is easier. That is my point :)
Note that by GDPR, I think, this probably should be stored on servers in the same region where user resides. That may be painful. Though workaround is to store only hash of email and then ask for user to enter it (and compare hash) when user wants password reminder...