How does the forum and the associated hacking's equate to "prove who you say you are"?
It doesn't. The risk of the forum getting hacked again is one of the reasons not to give the forum my personal information.
OK, THAT is a valid reason.
Perhaps if there was a more formalised structure to the Forum people could be held accountable for their actions, and as I said, a third party KYC could validate users - issue a token similar to the
captcha token a person can use at log in (they'd still have to physically log in). All the Forum has to loose is the user name and password details as it is already plus token which could be cancelled if there was ever any doubt a user was who they say they are.
Another variant would be use "Twilio Authy" or google similar two factor authentication.
Does anyone really want to have a stain on their account from a hacking attack and then have to chase after those who've left advisory warnings? We already have a thread for posting your wallet address to recover your account.