Already a non-starter.
To register to vote you must complete a voter registration application on paper or online at RegisterToVote.ca.gov. When you register online, the system will search the Department of Motor Vehicles (DMV) database for your California driver license or identification card number, date of birth, and last four digits of your social security number. If your information is found and you authorize elections officials' use of your DMV signature, an electronic image of your DMV signature will be added to your voter registration application after you click "submit" at the end of the online application. If there is no signature on file with DMV, all of your information will be transmitted to your county elections office; you will just need to click "print," sign the paper application, and mail it. Your county elections official will contact you when your voter registration application is approved or if more information is needed to confirm your eligibility.
Some California counties are good about looking up the person and making sure they aren't registered elsewhere in the state. They do not use https://ericstates.org/who-we-are/ in California so out-of-state registrants won't be detected. The adversary just needs to choose a lax California county and sign up 100,000 new voters. Many of those will fail but some will succeed.
If the Dems take over in Congress they will force the rest of the country to use Calfornia's online system, the opposite of what you are proposing. Even if we forced them to use your system and the adversary can't register online, they will pay the community organizers to register people in person. Then those accounts will be purchased, hijacked, or hacked. One of the ways they will be hijacked is number porting. The adversary will send "forgot password" requests that will send text messages to phone numbers they are able to hijack (not all, but some), or rescue emails to email accounts they can hijack.
Here's a very simple hijack example: https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html Requires phishing. As noted in the article it is defeated by a fob. A fob can't be phished.
I’m not talking about voter registration per se, which should be greatly tightened up however.
I’m talking about registering an online voter account if you are already a registered voter. This part must be stringent because afterwards you have no interaction except online. No showing your ID to vote at a poll, no signing a mail-in ballot and having your signature checked. The only chance to control access is at the moment of setting up the account. It must be stringent, or the deal is off.