Shipaton 2025 - Day 7 - Enhancing App Security With Email Verification

Day 7 of my Shipaton 2025 journey was all about boosting account security with an email verification flow. By requiring users to confirm their email before logging in, I’m preventing spam accounts and protecting user data inside my Android App.

Mantas Butenas

8/8/20252 min read

a white square with a red circle on top of it
a white square with a red circle on top of it

What I Built Today

Today, I focused on strengthening account security in my Android App by adding an email verification flow.

Here’s what’s new:

✔️ Email Verification After Sign-Up – Once a user registers, they now receive a verification email. They must confirm their address before being able to log in.

✔️ Firebase-Backed Flow – The feature is powered by Firebase Authentication, making it secure, scalable, and easy to maintain.

✔️ Built-In User Guidance – Clear prompts guide users through the process, ensuring they know exactly what steps to take after registration.

While it might seem like a small addition, this change has a big impact on security, trust, and overall user experience.

Why This Matters for the App

Imagine if anyone could sign up with a fake email address and start using the app. You’d quickly run into spam accounts, fake progress records, and even malicious behavior inside the community.

By enforcing email verification:

  • We make sure accounts are tied to real people.

  • We prevent spam sign-ups before they even start.

  • We ensure learning progress is stored for genuine users who can always recover their account later.

This isn’t just about keeping bad actors out - it’s about building a trusted learning environment where users feel confident their data is safe.

How It Works with Firebase

The process is simple and seamless for users:

  1. Sign Up – A new user registers with their email and password.

  2. Verification Email Sent – Firebase automatically sends a confirmation email to the address provided.

  3. Click to Confirm – The user clicks the secure link in their inbox.

  4. Login Enabled – Only after verification can they access the app’s main features.

This approach ensures that every account in the system belongs to someone who has proven ownership of their email address.

Wrapping Up

While email verification isn’t the flashiest feature, it’s a cornerstone of user security and a must-have for any serious app. It’s one of those invisible protections that users may not think about until the day it saves them from losing their account.

With this in place, the App is one step closer to a safe, spam-free, and trustworthy learning platform.

Another small piece of the puzzle is now locked in. 🔒

Experienced Android Developer with Jetpack Compose & Kotlin Multiplatform skills.

© 2025. All rights reserved.