diff --git a/app/controllers/external_controller.rb b/app/controllers/external_controller.rb
index f21c4ab1229fcb508e81c08f7648b36e28e3bdc3..3c82adeedaed6b8d40b09771fe30c47f9a9c21af 100644
--- a/app/controllers/external_controller.rb
+++ b/app/controllers/external_controller.rb
@@ -11,7 +11,8 @@ class ExternalController < ApplicationController
     user_info = {
       name: credentials['info']['name'],
       email: credentials['info']['email'],
-      language: extract_language_code(credentials['info']['locale'])
+      language: extract_language_code(credentials['info']['locale']),
+      verified: true
     }
 
     user = User.find_or_create_by!(external_id: credentials['uid'], provider:) do |u|
diff --git a/db/data/20221115190918_backfill_verified.rb b/db/data/20221115190918_backfill_verified.rb
new file mode 100644
index 0000000000000000000000000000000000000000..45e6beaf2d76ce0c2db207e2dd7b9e07ab5c2bc0
--- /dev/null
+++ b/db/data/20221115190918_backfill_verified.rb
@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class BackfillVerified < ActiveRecord::Migration[7.0]
+  def up
+    User.where.not(external_id: nil).update_all(verified: true) # rubocop:disable Rails/SkipsModelValidations
+  end
+
+  def down
+    raise ActiveRecord::IrreversibleMigration
+  end
+end
diff --git a/db/data_schema.rb b/db/data_schema.rb
index a6bbbe384c9a156f674117884ce46ad78caa49d7..e7ff4a641fbee0b3f352af421a5b0d7d80434aad 100644
--- a/db/data_schema.rb
+++ b/db/data_schema.rb
@@ -1 +1 @@
-DataMigrate::Data.define(version: 20221003201116)
+DataMigrate::Data.define(version: 20221115190918)
diff --git a/spec/controllers/external_controller_spec.rb b/spec/controllers/external_controller_spec.rb
index c572daed8e1c7b435a8114fc7e58ea56e21b48b3..5064310c2f8d7f2f58d59c4886665c37dd6b9441 100644
--- a/spec/controllers/external_controller_spec.rb
+++ b/spec/controllers/external_controller_spec.rb
@@ -49,6 +49,14 @@ RSpec.describe ExternalController, type: :controller do
       expect(User.find_by(email: OmniAuth.config.mock_auth[:openid_connect][:info][:email]).role).to eq(role)
     end
 
+    it 'marks the user as verified' do
+      request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]
+
+      get :create_user, params: { provider: 'openid_connect' }
+
+      expect(User.find_by(email: OmniAuth.config.mock_auth[:openid_connect][:info][:email]).verified?).to be true
+    end
+
     context 'redirect' do
       it 'redirects to the location cookie if the format is valid' do
         request.env['omniauth.auth'] = OmniAuth.config.mock_auth[:openid_connect]