This is a place holder for detailed requirements for feature implemented in the following issue: http://www.mantisbt.org/bugs/view.php?id=4112
Do we need a change in schema? Can't we set the access level to NOBODY and block NOBODY users from logging in? Then when user is approved we change the access level to default signup access level (e.g. reporter). This way we don't need schema changes or upgrade steps.
Please place any feedback here.