I want to get a clear scenario from you theymos, if email is been ban or got disabled and the user of the bitcointalk account have not noticed for long period that his email is not in function and a hacker has penetrate to his bitcointalk account and succeeded hacking the user account, can the person retrieve it's account through the management of the forum while it has not sign a message with its receiving address of the first earn for the forum??
That is why the administration is introducing more and more changes to protect the user.
In the end, according to your story, the user does not care about his account at all. He doesn’t read posts in Meta about adding 2FA (today this topic is already on the second page, unfortunately). He does not sign the message from his wallet address. Ultimately, he is not observant of the fact that his email address has changed; that is, he most likely selects for registration either a non-existent address or a temporary email address. How many red flags will this user have about his carelessness and inattention?
Is the forum to blame for this, and can the forum be blamed for not caring about people?
Should the forum issue a warning that the user understands that he should be independent and take care of his account above all else?