Sign up was a bit rough. Had to copy-paste a code from email (no link to click), then it just said I was confirmed and I could log in. Seems like it's pretty common for all of that to just be done through a single click on an email link. But do you even care if folks use a bogus email?
It's all done through AWS Cognito so it's something I got working with the default code-based method and then moved on to other things. I'll look at reprioritizing a confirmation link to smooth that process.
I do care somewhat about confirming accounts in general just because it cuts down on spam/abuse, and it ensures someone didn't fat-finger their email and then can't regain access when they forget their password in a month. Also, I have on the roadmap a feature for configurable reminders/notifications, and services like AWS SES track bounces. Too many invalid recipients and you run the risk of getting throttled or suspended.
