Users cannot prove they own an account #1
Description
The way users log in and create accounts does not allow them to prove, as a human, at a later date, that they control the account. This could become an issue if, for example, a score board system is later introduced, and a human wants to prove they were the one playing the game when they got a very high score.
If their game account were associated with their email address or at least a password that they know, then that would be convincing evidence they own the account and got the high score. But the user model doesn't record that information now. Instead, a user controls a User record until their session is lost, at which point they must create a new User record (which can have the same name attribute as the old one) and can never log in as the old User again.
This could be fixed with Devise or Omniauth, for example.