Thanks for reaching out.
There is a legitimate purpose for you entering the email when you install Wordfence. It’s so that your website can alert you to problems on it. Sometimes these issues can wait until you login but other times, they can’t.
It is important to note that the email address you add isn’t sent to our servers unless you select the option below it to sign up for our mailing list<, which isn’t required. It is only stored on your website. If you are one of those diligent site managers that login to their site regularly and address issues as they arise you can make up an email and add it there. Something like [email protected] would work. There isn’t any validation of the email of any kind so it doesn’t matter what you enter there. Of course, if you miss something important, like a file that was maliciously changed or a plugin you have installed that has a security vulnerability, because you didn’t login for a few days then that is a risk you assume.
The point is that if that email you put in there is leaked, it is leaked from your site or somewhere else you entered it, not from our systems.
Tim
