Should I verify the identity of my users before letting them pair my service to their Latch account?

If someone gets access to one of your users accounts not protected by Latch, they could pair it to a random Latch account and set it up to be closed, denying the access to your user to their own account. Same as if their password was changed. You might want to verify the identity of your users by asking them their passwords again before they pair with Latch.