Email Changed Confirm
Email change confirmation page showing the new and old address with timestamp and device, a lock account alarm for unauthorized changes, and a dual address notice.
Email change confirmation page showing the new and old address with timestamp and device, a lock account alarm for unauthorized changes, and a dual address notice.
The Application Collection unlocks the source for every Application block. All Access unlocks every Collection.
Already purchased? Log in
Email Changed Confirm is the post-change notification page, confirming the new address (avery.stone@acme.com) in a ruled detail panel alongside the old address (avery@acme.com), the exact timestamp (Jun 13, 2026, 14:22 UTC), and the device (MacBook Pro, Safari 17, London UK). A Continue to Acme button sits above a bordered alarm section titled Did not make this change? that explains locking the account ends all active sessions and blocks sign-ins, with a Lock my account now link as the action. Below the card an honest note explains that both the old and new address received this notice so that either address can catch an unauthorized change.
The change object holds new email, old email, timestamp, and device. The device string is the detail most phishing-check guides recommend; it lets the user rule out or confirm the change without logging in first.
Reach for this block as the page delivered when a user or attacker completes an email change. Wire the change object to your audit log event, the lock action to your account lockout endpoint, and send to both old and new address from the server.
A natural flow around it on an Application Pro page:
Before
After
One strong use is the account security notification after an email update. Other variants:
Tip: send the notification before completing the change server-side so the old address always receives it, even if the new address is invalid.