You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jan 16, 2023. It is now read-only.
@imphil As the current state the confirmation mail is sent after a user login. We can add a captcha at that section. If a user is signing in through github and google in that case we don't need a verification
I was able to re-enable the email sending after fixing 85baa05. The spammers used the username as place to their ad content, with that being impossible now they seem to have lost interest. I'll keep monitoring the situation for a while.
A captcha would certainly be helpful to have around as an option so that we can enable it if the spammers come back.
imphil
changed the title
Re-enable email address confirmation at registration
Harden registration process against bots
Jul 29, 2020
@sandipbhuyan great! Yeah, I think the Google captcha is the one I've seen most widely. But whatever is easiest, really. Please also add a configuration option to make it possible to enable/disable this feature, I'd like to keep it turned off by default until we run into the next spammer issue.
I had to disable the email address confirmation at registration due to spammers registering accounts with email addresses they don't own.
Not sure about a solution, potentially we need a captcha.
The text was updated successfully, but these errors were encountered: