It is similar but it is NOT the same issue as
JENKINS-3590, because 3590 was about the login page and this one is about the sign up page.
This issue is easy to reproduce in Jenkins v1.420: using the built-in user management, the user is created in-memory after submitting the sign up page without a password or without a valid e-mail address. Jenkins needs to be restarted to forget the incomplete user.
Except if there is a good reason, I agree that the user should not be created in-memory if submitting the sign up page displays an error such as missing password or invalid e-mail address.