Suggestion: Make it just a little more difficult to create a new account. - page 2.

NavI_027

full member

Activity: 1232

Merit: 186

Quote from: zasad@ on June 25, 2020, 03:45:06 PM

Registering by email or phone number will not solve the problems with fraud. There are many services on the Internet with temporary emails and phone numbers, they are either free or very cheap.

Yeah you're right. It really seems that it doesn't make any contributions at all because at the end of the day the fraudsters will always find a way but I don't see with improving the forum's system as well. So why not Cheesy

? Fraudsters might not be affected but I think spammers will do. They may realize that undergoing several stages just to make an account for spamming is not worth of their time anymore — this means less pollution inside.

zasad@

legendary

Activity: 1876

Merit: 4532

Quote from: sandy-is-fine on June 22, 2020, 11:56:00 PM

One can create 30 accounts here in probably 5 minutes or less. There isn't even an email confirmation needed to create an account so one can just put in a random anything. At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users. Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.

Registering by email or phone number will not solve the problems with fraud. There are many services on the Internet with temporary emails and phone numbers, they are either free or very cheap. One user said a brilliant phrase: “Why make scammers smarter?”
A fraudster can create a new account, but he still uses old accounts on social networks. It will be caught and painted in red.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Timelord2067 on June 25, 2020, 12:31:33 PM

Another suggestion I'd agree with is to withdraw the Copper Membership in it's entirety - Newbies just see it as a fast track to post with images and then boost their accounts with bells and whistles while lacking substance in their posts.

They risk losing $24 by buying a Copper Membership and getting it banned. I don't think they'll keep buying new Memberships.

Timelord2067

legendary

Activity: 3696

Merit: 2219

💲🏎️💨🚓

Another suggestion I'd agree with is to withdraw the Copper Membership in it's entirety - Newbies just see it as a fast track to post with images and then boost their accounts with bells and whistles while lacking substance in their posts.

Twentyonepaylots

sr. member

Activity: 1918

Merit: 370

Quote from: suchmoon on June 23, 2020, 12:40:50 AM

Quote from: Steamtyme on June 23, 2020, 12:27:44 AM

If performing the simple task of verifying your registration email is to difficult for someone they are going to have a real hard time getting involved in crypto or anything in life for that matter. Sandy's point is valid, considering the only people this would really affect are people creating multiple low level accounts for spamming, or posting malware links.

But would e-mail verification really stop them? Even if the forum started requiring a unique e-mail address for each account - creating an e-mail address requires less effort than passing the captcha. Just add "+" to gmail.

I couldn't agree more on this, the only way to catch them all is on the inside which is from the forum. A person can register a single phone number for 5 gmail accounts, so it would just take 6 sim cards to possibly create 30 accounts in the forum. I think we need active members that is constantly reporting any suspicious action or shilling posts, it's not just the moderators work to find these people right ?

I also think that not all new registrants do not want to add contribution but just to read some discussions in here, I think we should have a guest membership?

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Quote from: bakasabo on June 25, 2020, 07:36:44 AM

Quote from: libert19 on June 25, 2020, 01:29:49 AM

I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

When I was a newbie, after making a post, I switched to searching for another interesting topic to read and did not have to wait before making new post. Dont know why waiting 120 sec before making another post is a problem. I think that is enough time to superficially go through the topic and post, but if reading carefully (what is why newbies should do, instead of just reading last post in topic and quote), then time gap between posts is not a problem at all.

If we talk about normal beginners who come to the forum with pure intentions, then they do not pursue the number of writing posts. These people first read, and if they happen to add or supplement something, only then they write.
But if we talk about those who open new accounts in order to rock the account, then of course 120 seconds is not enough for them. Thoughts about future millionaire bounty companies rush them to write all kinds of garbage.

Quote from: bakasabo on June 24, 2020, 03:53:09 PM

Actually getting 1 merit is not that hard. Allowing Jr.Members in signature bounty will start signature spam/shitposting just to meet weekly minimum required. I'm 200% sure in that.

And here I can bet. If we talk about bounty hunters, then these people, except for bounty reports, write nothing clever. There are accounts with activity by the age of the legend, but they do not have single merit.

https://bitcointalk.org/index.php?topic=5219641.40

bakasabo

legendary

Activity: 2450

Merit: 1209

Quote from: libert19 on June 25, 2020, 01:29:49 AM

I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

When I was a newbie, after making a post, I switched to searching for another interesting topic to read and did not have to wait before making new post. Dont know why waiting 120 sec before making another post is a problem. I think that is enough time to superficially go through the topic and post, but if reading carefully (what is why newbies should do, instead of just reading last post in topic and quote), then time gap between posts is not a problem at all.

libert19

hero member

Activity: 2520

Merit: 952

I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

Timelord2067

legendary

Activity: 3696

Merit: 2219

💲🏎️💨🚓

SMF has the capabilities to do email verification at the time of registering along with questions/answers and enter text in a box, waiting times after registering (then again a scammer will be in no hurry) even waiting for approval from a mod/admin - those kinds of capabilities can be enabled with just a few key strokes by an admin/mod.

Suggesting a white list or similar brings us backwards to the very early mega threads "please sir, can I be whitelisted?"

There are units of evil (or, at least there *was*) for those utilising the same IP to register too many UID's too quickly, but if they are spaced out time-wise then that's not a concern for scammers.

All of the things that can prevent scammers creating scores of UID's have been quietly disabled over time.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Instead of verifying that the email exists, it would be a better idea to implement a waiting period between registrations, like 5 or 10 minutes long. Maybe such a waiting period already exists, as I'm not willing to create a bunch of accounts to test this.

Lordhermes

sr. member

Activity: 1232

Merit: 379

I think over this in time why new registrants aren't asked for email confirmation to reduce spammers, scammers, noise making but probably that's not the aim of the forum as stated by theymos. In other perspectives, despite email confirmation, fraudulent users can still make some silly approaches, dropping some irrelevant links and all sorts of nonsense in the community.
So allowing accounts to be registered without confirmation via mails justifies the purpose of the forum, as it maintain her economic, cultural value of the forum.

bakasabo

legendary

Activity: 2450

Merit: 1209

Quote from: Quickseller on June 24, 2020, 12:51:14 AM

I don’t think any campaigns have accepted newbies in years. It has been nearly as long since any campaign has accepted junior members, and it is very unusual for a campaign to accept members...

2 years ago there were plenty of campaigns, that accepted newbies for signature campaign. I've even had a topic with them Top signature campaigns for NEWBIE

As for Jr.Member - bounty managers do not accept Jr.Member usually now, but if a projects manages bounty campaign by themselves, they usually accept everyone.

Quote from: sabotag3x on June 24, 2020, 12:47:20 AM

If campaign managers start to accept only Jr Members+, that would reduce this problem as you need at least 1 merit to become Jr...

Actually getting 1 merit is not that hard. Allowing Jr.Members in signature bounty will start signature spam/shitposting just to meet weekly minimum required. I'm 200% sure in that.

sandy-is-fine

legendary

Activity: 1919

Merit: 1230

AKA Ms-overzealous-condecsending-explitive-account

Quote from: actmyname on June 23, 2020, 11:43:04 PM

Quote from: sandy-is-fine on June 23, 2020, 05:23:21 PM

Well, it wouldn't affect EVERYONE just those creating a lot of accounts at once. For the "real" new user it would take an extra 30 seconds to go to their email and click on a link. 99.9% of all websites do it so it probably isn't too much inconvenience for those people since they would only do it once.

You will have the arbitrary number of "lots of accounts being made" in your implementation. The use of mass email creation has been around for years and that will not change any time soon: you essentially make it slightly trickier for account spammers.

What does it prove? What is the intent of the email verification, and how does it resolve the problem? Or does it just merely shift the issue to a different problem?

Well, it's not meant to "prove" anything other than to make it just a small bit more difficult to create multiple accounts. I just don't see the big deal for asking someone to verify an email they post as it just makes it a bit more inconvenient for those trying to create a lot of accounts in minutes maybe think twice. As I said before virtually every forum does it. The legit forum user will only be inconvenienced ONCE. It's not the ability to CREATE mass emails it's making it harder for that person to have to go find that mass created email he used to create the account, click on it and be verified.

WHY then even the need to enter an email as anyone can enter a random bunch of letters with dot something after it and still have forum access? Email entry should then be totally eliminated under the "no need to confirm it exists" method of operation.

Quote from: malevolent on June 24, 2020, 01:59:17 AM

I wouldn't mind if there were some minor restrictions put in place for Newbies such as being required to buy a Copper Membership or having to gain 1 merit in order to create topics in the following sections: Goods, Services, Currency exchange, Gambling, Lending, Securities, Auctions, Service Announcements, and in all child-boards of these sections, Gambling discussion excepted.

I'll 2nd that! Or +1 that!

PrimeNumber7

copper member

Activity: 1624

Merit: 1899

Amazon Prime Member #7

Quote from: LoyceV on June 24, 2020, 04:31:16 AM

Quote from: PrimeNumber7 on June 24, 2020, 03:02:21 AM

Quote from: Welsh on June 24, 2020, 02:09:14 AM

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you

I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.

I've seen them offered for a few dollars per thousand captchas.
In my list of usernames, there are 13937 usernames that start with "MrFudged" and several other usernames that have thousands of combinations. All current restrictions didn't stop these guys to create that many accounts.

The captcha was added in August 2017, while the accounts you cited were created on October 21, 2015 and the following day. I think my above explication would still apply.

Asuspawer09

sr. member

Activity: 1638

Merit: 425

Quote from: sandy-is-fine on June 22, 2020, 11:56:00 PM

One can create 30 accounts here in probably 5 minutes or less. There isn't even an email confirmation needed to create an account so one can just put in a random anything. At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users. Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.

Already forgot if registering needed an confirmation in your email, but if it not need. Then I guess we need to fix it a little bit.

Having at least a confirmation in the registration email could at least confirmed or verify if its really his email, if we don't have that everyone could just put anybody's email.

Of course, that could not stop other members from creating an alt account but still could at least secure emails.

lovesmayfamilis

legendary

Activity: 2072

Merit: 4265

✿♥‿♥✿

Limiting the registration of bots is very difficult to stop. No matter how many decisions are made to ban mass registration, all restrictions will be violated by scammers. Today I know the working telegram channels on which thousands of accounts of our forum are sold.
A good proposal was written limiting the acceptance in Bounties, due to which it is possible to some extent kill motivation to senselessly register a bunch of accounts. But today's Bounties are rarely promising, so managers accept everyone

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: PrimeNumber7 on June 24, 2020, 03:02:21 AM

Quote from: Welsh on June 24, 2020, 02:09:14 AM

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you

I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.

I've seen them offered for a few dollars per thousand captchas.
In my list of usernames, there are 13937 usernames that start with "MrFudged" and several other usernames that have thousands of combinations. All current restrictions didn't stop these guys to create that many accounts.

I don't think spam is that bad anymore though. There are much less posts being made than a few years ago, and I don't find long lists of spammers to ban anymore.

NeuroticFish

legendary

Activity: 3668

Merit: 6382

Looking for campaign manager? Contact icopress!

Quote from: suchmoon on June 23, 2020, 12:40:50 AM

But would e-mail verification really stop them?

No, clearly. But the idea is to slow them down, not to stop them.
I'd add something extra: allow creation of only one account per computer/user/browser. Yeah, it's also weak, but it'll earn a few extra seconds too.

And as long as the forum keeps IP logs, I find all the discussion about extra privacy rather useless. I believe that the ones who want to enforce their privacy will research/know what to do with or without the mail confirmation requirements.

PrimeNumber7

copper member

Activity: 1624

Merit: 1899

Amazon Prime Member #7

Quote from: Welsh on June 24, 2020, 02:09:14 AM

Quote from: PrimeNumber7 on June 23, 2020, 03:58:25 PM

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you or by bypassing it using the sound system that some of them offer. I'm not sure the best way of going about this. There's been quizzes that have been suggested in the past, which could have randomized answers. Although, even then this could eventually be automated by those that find it worthwhile to make new accounts.

I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.

One other solution might be to put people in a modified newbie jail after say 7 posts unless they have been whitelisted. The mods (and maybe also merit sources, and maybe others) would review all newbie posts, and whitelist the account the post makes a sufficiently good post. Ideally, most new users would make posts at a slow enough pace (and mods will review posts quickly enough) so that users who are not posting junk will be able to make 8 posts without ever being in newbie jail. Those in modified newbie jail could buy a premium account (maybe at a cost that is less than a Copper Membership), or wait to get whitelisted (which may require they make additional posts in a subset of subs).

Welsh

staff

Activity: 3290

Merit: 4114

Quote from: PrimeNumber7 on June 23, 2020, 03:58:25 PM

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you or by bypassing it using the sound system that some of them offer. I'm not sure the best way of going about this. There's been quizzes that have been suggested in the past, which could have randomized answers. Although, even then this could eventually be automated by those that find it worthwhile to make new accounts.

Topic: Suggestion: Make it just a little more difficult to create a new account. - page 2. (Read 751 times)