Suggestion: Make it just a little more difficult to create a new account.

[sabotag3x]

If campaign managers start to accept only Jr Members+, that would reduce this problem as you need at least 1 merit to become Jr..

It's more difficult to get a merit than to solve a captcha or create an email.

[1714946023]

1714946023

[Quickseller]

If campaign managers start to accept only Jr Members+, that would reduce this problem as you need at least 1 merit to become Jr..

It's more difficult to get a merit than to solve a captcha or create an email.

I don’t think any campaigns have accepted newbies in years. It has been nearly as long since any campaign has accepted junior members, and it is very unusual for a campaign to accept members...

[sabotag3x]

I don’t think any campaigns have accepted newbies in years. It has been nearly as long since any campaign has accepted junior members, and it is very unusual for a campaign to accept members...

Here

[malevolent]

I wouldn't mind if there were some minor restrictions put in place for Newbies such as being required to buy a Copper Membership or having to gain 1 merit in order to create topics in the following sections: Goods, Services, Currency exchange, Gambling, Lending, Securities, Auctions, Service Announcements, and in all child-boards of these sections, Gambling discussion excepted.

[Welsh]

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you or by bypassing it using the sound system that some of them offer. I'm not sure the best way of going about this. There's been quizzes that have been suggested in the past, which could have randomized answers. Although, even then this could eventually be automated by those that find it worthwhile to make new accounts.

[PrimeNumber7]

I am also not sure what type of accounts you are concerned about. If someone is creating boatloads of accounts to farm/spam low quality posts with, they would still need to wait 6 minutes between posts initially.

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you or by bypassing it using the sound system that some of them offer. I'm not sure the best way of going about this. There's been quizzes that have been suggested in the past, which could have randomized answers. Although, even then this could eventually be automated by those that find it worthwhile to make new accounts.

I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.

One other solution might be to put people in a modified newbie jail after say 7 posts unless they have been whitelisted. The mods (and maybe also merit sources, and maybe others) would review all newbie posts, and whitelist the account the post makes a sufficiently good post. Ideally, most new users would make posts at a slow enough pace (and mods will review posts quickly enough) so that users who are not posting junk will be able to make 8 posts without ever being in newbie jail. Those in modified newbie jail could buy a premium account (maybe at a cost that is less than a Copper Membership), or wait to get whitelisted (which may require they make additional posts in a subset of subs).

[NeuroticFish]

But would e-mail verification really stop them?

No, clearly. But the idea is to slow them down, not to stop them.
I'd add something extra: allow creation of only one account per computer/user/browser. Yeah, it's also weak, but it'll earn a few extra seconds too.

And as long as the forum keeps IP logs, I find all the discussion about extra privacy rather useless. I believe that the ones who want to enforce their privacy will research/know what to do with or without the mail confirmation requirements.

[LoyceV]

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you

I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.

I've seen them offered for a few dollars per thousand captchas.
In my list of usernames, there are 13937 usernames that start with "MrFudged" and several other usernames that have thousands of combinations. All current restrictions didn't stop these guys to create that many accounts.

I don't think spam is that bad anymore though. There are much less posts being made than a few years ago, and I don't find long lists of spammers to ban anymore.

[lovesmayfamilis]

Limiting the registration of bots is very difficult to stop. No matter how many decisions are made to ban mass registration, all restrictions will be violated by scammers. Today I know the working telegram channels on which thousands of accounts of our forum are sold.
A good proposal was written limiting the acceptance in Bounties, due to which it is possible to some extent kill motivation to senselessly register a bunch of accounts. But today's Bounties are rarely promising, so managers accept everyone

[Asuspawer09]

One can create 30 accounts here in probably 5 minutes or less.  There isn't even an email confirmation needed to create an account so one can just put in a random anything.  At least confirm someone's registration email actually exists. I think that will help avoid a lot of junk users.  Def not foolproof but way better than not even confirming an email one uses even if it's a "throwaway" email.

Already forgot if registering needed an confirmation in your email, but if it not need. Then I guess we need to fix it a little bit.

Having at least a confirmation in the registration email could at least confirmed or verify if its really his email, if we don't have that everyone could just put anybody's email.

Of course, that could not stop other members from creating an alt account but still could at least secure emails.

[PrimeNumber7]

I guess the thing is with captchas is they are too easily bypassed either through getting an automated service to do them for you

I don't believe that google reCaptcha can be bypassed via the use of a machine learning model (or ensemble of models). There may be some services that employ people from third world countries to solve reCaptcha's for next to nothing, but this is a cost.

I've seen them offered for a few dollars per thousand captchas.
In my list of usernames, there are 13937 usernames that start with "MrFudged" and several other usernames that have thousands of combinations. All current restrictions didn't stop these guys to create that many accounts.

The captcha was added in August 2017, while the accounts you cited were created on October 21, 2015 and the following day. I think my above explication would still apply.

[sandy-is-fine]

Well, it wouldn't affect EVERYONE just those creating a lot of accounts at once. For the "real" new user it would take an extra 30 seconds to go to their email and click on a link. 99.9% of all websites do it so it probably isn't too much inconvenience for those people since they would only do it once.

You will have the arbitrary number of "lots of accounts being made" in your implementation. The use of mass email creation has been around for years and that will not change any time soon: you essentially make it slightly trickier for account spammers.

What does it prove? What is the intent of the email verification, and how does it resolve the problem? Or does it just merely shift the issue to a different problem?

Well, it's not meant to "prove" anything other than to make it just a small bit more difficult to create multiple accounts.  I just don't see the big deal for asking someone to verify an email they post as it just makes it a bit more inconvenient for those trying to create a lot of accounts in minutes maybe think twice. As I said before virtually every forum does it. The legit forum user will only be inconvenienced ONCE. It's not the ability to CREATE mass emails it's making it harder for that person to have to go find that mass created email he used to create the account, click on it and be verified.

WHY then even the need to enter an email as anyone can enter a random bunch of letters with dot something after it and still have forum access?  Email entry should then be totally eliminated under the "no need to confirm it exists" method of operation.

I wouldn't mind if there were some minor restrictions put in place for Newbies such as being required to buy a Copper Membership or having to gain 1 merit in order to create topics in the following sections: Goods, Services, Currency exchange, Gambling, Lending, Securities, Auctions, Service Announcements, and in all child-boards of these sections, Gambling discussion excepted.

I'll 2nd that!  Or +1 that!

[bakasabo]

I don’t think any campaigns have accepted newbies in years. It has been nearly as long since any campaign has accepted junior members, and it is very unusual for a campaign to accept members...

2 years ago there were plenty of campaigns, that accepted newbies for signature campaign. I've even had a topic with them Top signature campaigns for NEWBIE

As for Jr.Member - bounty managers do not accept Jr.Member usually now, but if a projects manages bounty campaign by themselves, they usually accept everyone.

If campaign managers start to accept only Jr Members+, that would reduce this problem as you need at least 1 merit to become Jr...

Actually getting 1 merit is not that hard. Allowing Jr.Members in signature bounty will start signature spam/shitposting just to meet weekly minimum required. I'm 200% sure in that.

[Lordhermes]

I think over this in time why new registrants aren't asked for email confirmation to reduce spammers, scammers, noise making but probably that's not the aim of the forum as stated by theymos. In other perspectives, despite email confirmation, fraudulent users can still make some silly approaches, dropping some irrelevant links and all sorts of nonsense in the community.
So allowing accounts to be registered without confirmation via mails justifies the purpose of the forum, as it maintain her economic, cultural value of the forum.

[NotATether]

Instead of verifying that the email exists, it would be a better idea to implement a waiting period between registrations, like 5 or 10 minutes long. Maybe such a waiting period already exists, as I'm not willing to create a bunch of accounts to test this.

[Timelord2067]

SMF has the capabilities to do email verification at the time of registering along with questions/answers and enter text in a box, waiting times after registering (then again a scammer will be in no hurry) even waiting for approval from a mod/admin - those kinds of capabilities can be enabled with just a few key strokes by an admin/mod.

Suggesting a white list or similar brings us backwards to the very early mega threads "please sir, can I be whitelisted?"

There are units of evil (or, at least there *was*) for those utilising the same IP to register too many UID's too quickly, but if they are spaced out time-wise then that's not a concern for scammers.

All of the things that can prevent scammers creating scores of UID's have been quietly disabled over time.

[libert19]

I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

[bakasabo]

I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

When I was a newbie, after making a post, I switched to searching for another interesting topic to read and did not have to wait before making new post. Dont know why waiting 120 sec before making another post is a problem. I think that is enough time to superficially go through the topic and post, but if reading carefully (what is why newbies should do, instead of just reading last post in topic and quote), then time gap between posts is not a problem at all.

[lovesmayfamilis]

I remember when I was newbie, I couldn't do a thing without waiting every few minutes in between. Although, email confirmation would be helpful but don't think it's much harmful in current stat. Newbie accounts will have to work up to do anything on the forum.

When I was a newbie, after making a post, I switched to searching for another interesting topic to read and did not have to wait before making new post. Dont know why waiting 120 sec before making another post is a problem. I think that is enough time to superficially go through the topic and post, but if reading carefully (what is why newbies should do, instead of just reading last post in topic and quote), then time gap between posts is not a problem at all.

If we talk about normal beginners who come to the forum with pure intentions, then they do not pursue the number of writing posts. These people first read, and if they happen to add or supplement something, only then they write.
But if we talk about those who open new accounts in order to rock the account, then of course 120 seconds is not enough for them. Thoughts about future millionaire bounty companies rush them to write all kinds of garbage.

Actually getting 1 merit is not that hard. Allowing Jr.Members in signature bounty will start signature spam/shitposting just to meet weekly minimum required. I'm 200% sure in that.

And here I can bet. If we talk about bounty hunters, then these people, except for bounty reports, write nothing clever. There are accounts with activity by the age of the legend, but they do not have single merit.

https://bitcointalk.org/index.php?topic=5219641.40

[Twentyonepaylots]

If performing the simple task of verifying your registration email is to difficult for someone they are going to have a real hard time getting involved in crypto or anything in life for that matter. Sandy's point is valid, considering the only people this would really affect are people creating multiple low level accounts for spamming, or posting malware links.

But would e-mail verification really stop them? Even if the forum started requiring a unique e-mail address for each account - creating an e-mail address requires less effort than passing the captcha. Just add "+" to gmail.

I couldn't agree more on this, the only way to catch them all is on the inside which is from the forum. A person can register a single phone number for 5 gmail accounts, so it would just take 6 sim cards to possibly create 30 accounts in the forum. I think we need active members that is constantly reporting any suspicious action or shilling posts, it's not just the moderators work to find these people right ?

I also think that not all new registrants do not want to add contribution but just to read some discussions in here, I think we should have a guest membership?