When a user supplies an email address, and this option is enabled, block all publishing until they confirm their email address.
Admins should be able to limit abuse by requiring that users confirm their email address before participating on their instance.
When a user registers with an email address, set status = -1 to indicate that their account is unconfirmed. Store a secret token and send an email to the user account with a link to the WF instance confirmation page, including the token. On the web, send them to a "Confirm your email address" page.
On this prompt to confirm the email address, display the email address that the confirmation was sent to. Also give the option to update their email address on the Account Settings page. When they do this, if their account is status = -1, send them a confirmation email.
Clicking the link in the email should take them to a final confirmation page, where they should click a confirmation link. This should verify that the token is correct, and update the account to "Active".
If a user changes their email while account is anything besides unconfirmed, store the pending new email address and send a confirmation email to it. The account should remain in its current status and the email will only change once the new address has been confirmed.
Existing users should retain "active" accounts, but they should also have the ability to confirm their email address (out of scope for this task).