Comment by TravisPeacock

I had thought about this a bit, I don't think it's any different (and actually even more secure) than someone putting in your email in a "Lost Password" field. In that case you just have to guess that email is registered on the site, in my case you have to know the email is registered to this specific Lynx.

It could be annoying but it seems an edge case to be abused.