There are options for additional checks they could explore that are less creepy.
- Make someone pay a one time charge. This might not give you the full details but the transaction gives more data, and shows someone is willing to back up their request for access with a paper trail which has fraud protection laws.
- Third party verification services. Like your bank, who already have details about you. There just needs to be a way for them to vouch for you. Credit reporting agencies probably already do this, but I kinda think this is almost creepier than giving Facebook a video.
- Verifying the email attached to your account is a good first step.
In the meantime I think knowing the password should at least get you logged in enough for account maintenance. You should be able to set the entire account private and take it offline with limited toggles. Restoring full access would require the additional verification.
Phind is better about linking sources. I've found that generated code sometimes points me in the right direction, but other times it leads me down a rabbit hole of obsolete syntax or other problems.
Ironically, if you already are familiar with the code then you can easily tell where the LLM went wrong and adapt their generated code.
But I don't use it much because its almost more trouble than its worth.