Thanks for the reply.
I know it's young, and I'm only interested in being involved in some discussion/development.
I understand read access doesn't risk the user's profile. But my point is about securing a user's account when using a client with write access. This is important, and my suggestion is just one idea. I'm interested in what has already been discussed so far.