One issue with submitting a recovery email is that you will be leaving your email out in the open for anyone running a Steem node to see. The Steem blockchain is public and open to anyone...I wouldn't add an email to a public blockchain where it could be sold to spammers.
RE: Add 2FA (two factor authentication) email address during Steemit signup to aid account recovery and prevent hacked accounts being drained. Industry standard solution.