> Unfortunately this assumes that there's no other way for an attacker to discover whether a username/email address is registered for a service. This assumption is incorrect.
The assertion is incorrect. Closing a means to account name guessing does not presuppose that there are no other means available.
Locking my front door does not assume I have no other doors.
The assertion is incorrect. Closing a means to account name guessing does not presuppose that there are no other means available.
Locking my front door does not assume I have no other doors.