Confirmation email is weird/dangerous

So far it seems that no new member is actually required to confirm their email during the signup process before gaining access to the site appropriate to their level of membership.

In admin/members I selected one of my test accounts and requested 'confirm email'. The email went to my test account email box (different address and server) and as expected gave a link to click and confirm the test account email address.

I clicked the link and guess where I ended up? Back in my admin account with a message saying my admin account is already activated!

That doesn't seem right! In fact dangerous!

Anybody else tested or experienced this?

7.0.4

Same thing happens on my second test account, which is also a different email and server account.

Clicking on the confirmation email takes the test account to my admin account from which it can go into admin!

It's a very unpleasant thought that anybody who clicks the confirmation email has instant access to admin.

Help Please urgently

please log out from your admin account before signing up a new account to test,

and also clear your browser cache for the cookies.

normally this is not possible what you are writing....

The new test accounts were created while I was logged out of admin. I will log out of admin now and try the confirmation email again to see what happens.

And clear browser cookies.

Thanks. I'll let you know what happens

Phew!

The confirmation email took me to login page only. Not to admin.

That had me worried

Thanks a million and a beer for you!

Time for bed me thinks!