Messages signed with ETH addresses can't be used as proof for recovering your account.
Can you point us to some more reading regarding this? This is contradictory to something that another user said awhile back. I had assumed that signing an ETH would be equally acceptable, so I'm wondering if there are any official statements regarding this? I'm not saying you're wrong, because you would know better than I would, but I just swear I remember a staff member suggesting that someone sign a message from their ETH address to prove ownership of their account. Not sure if this is a contentious issue, or what the case is, but I would love to read more on this. Is there security concerns when it comes to signing a message from an ETH address or is there no satisfactory way to verify these messages?
From
https://bitcointalk.org/index.php?topic=497545.0:
Typically, the only acceptable method of proving ownership is by signing a message (including current date and desired new email address) using a Bitcoin address or PGP key associated with the account.
While other global moderators might accept a message signed with an ETH address as proof, I'm not going to until I get an explicit acknowledgement from theymos. Technically, all account recovery should be done by admins but since simple security locks don't require an email changed,
any certain global mods can do it as well. As for whether they're accepted by the admins as proof for a recovery of a hacked account, that's something you're going to have to ask them.
AFAIK both signing and verifying messages is as easy as for Bitcoin addresses. As for security, it's probably on par with Bitcoin though I haven't really dived into Ethereum's technical side to be 100% sure.