Spam-safe user registration. #8119
EricSoroos
started this conversation in
Ideas
Replies: 1 comment
-
I like these ideas. How about an option to enable user image uploads (new default
Account confirmation is great, we've implemented it in our plugin and by forcing all datasets to private on our internal site. Having a user state of not-approved-yet would be even better |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Re #8038 -- User spam
There's an issue with user registration and spam, because by default, there is a path for new users to upload content that is served to the public, through the user's profile image, or the user full name/notes when the show users setting is allowed.
For sites that have a business requirement for open registration, this is a significant administrative load, even after adding captchas. We're seeing on the order of thousands of attempts per day to register and post spam, vs maybe one authentic registration.
One potential option here would be to reduce the incentive to create users.
Additionally, saving some extra information to audit the user registration, prior to confirmation (which would need to be cleared periodically):
Beta Was this translation helpful? Give feedback.
All reactions