I use PlayFabClientAPI.SendAccountRecoveryEmail in my client code to send an email to the player's PlayFab login email if he wants to change his password. But what can I do if the player bought a new Android/iOS device and if he forgot his PlayFab account password and if he has no more access to his login email address? Because the password recovery email is always send to his PlayFab login email address and he can not access his email address. In addition, there is no contact email address in the player's account.
How could the player change his password in this situation? Do you know a secure workaround?
I don't want that a player can easily change another player's account password and steal the account.