Email Verification on Registration

NoeJeko · 05-21-2009

Hi guys,

Sorry but due to the immense amount of spambots that have been bypassing reCAPTCHA lately I was forced to implement email verification. I thought reCAPTCHA would be enough but as the bots evolve so must we.

Please ensure you have @mymmogames.net and @gavist.com added to your safe delivery list to ensure the activation email arrives in your inbox. Thanks and sorry for the inconvenience!

Momijii · 05-21-2009

Unfortunate, but in the name of security, I'm fine with it. Since it only applies to members... =0

Miyuki · 05-21-2009

Also remember to check your "spam/junk" folders too.

Rhymie · 05-21-2009

well, if it needed to be done then so be it.

Tecca · 05-21-2009

An extra random question field + reCaptcha always does the trick. Or so I've heard.

SilentSaber · 05-21-2009

heh. That was a widely unpopular move when I was admin for a forum. But then we also had bigger concerns. lol gaping security loopholes (sql injection + others) ftl.

But it works, and I like that. Never thought I'd see it here, though. If you find out how they're bypassing it (or know now), you can just edit the code a little to prevent it.

NoeJeko · 05-21-2009

reCAPTCHA isn't something we can edit - it's a hosted service. It's still the hardest to bypass of any of the options vBulletin has.

Shirakani · 05-21-2009

reCAPTCHA is really freaking annoying as is, it does make me wonder how bots bypass it in general. Email verification for many forums is a standard though, don't see it being any form of a problem.

I'm still totally WTF'd to high hell that Atlantica Online recently added in a reCAPTCHA for LOGGING IN... After you enter your login/pass, you have to pass a captcha just to select a freaking character. My desk has never met my forehead that many times in under a minute.

Light · 05-21-2009

I always found that it took several tries to get the reCAPTCHA to accept the correct code.
Pressing the back button and typing in the new code will result in failure 100% as well.. which is very annoying.

Miyuki · 05-21-2009

Have you tried megaupload's captcha and those rizon unban captcha? Those are what I called more "annoying", lol.

Tho, hope reCaptcha can overcome these problems soon x-x;

Kudaranai · 05-21-2009

You can barely read the one megaupload uses. The letters are basically on top of one another.

SilentSaber · 05-21-2009

I meant to add in code the bot wouldn't account for. But it won't be 100% unless you have a source code or script or something.

Shirakani · 05-21-2009

Quote:

Originally Posted by Kudaranai

You can barely read the one megaupload uses. The letters are basically on top of one another.

It's deliberately designed to be annoying in that way. They hope to piss you off to the point where you just say '****itall' and sign up for premium. Never works, it's such a Failtreev tactic that i'd rather not use their service at all.

Goldie · 05-21-2009

Damn people are like going to riot. Jeez, E-mail Verification is probably the easiest part of signing up. It really just shows how lazy people are today...

Tecca · 05-21-2009

You guys really have problems with the Megaupload verification? I did at first, but if you actually look at it, it's extremely easy. Sure, they're layered on top of each other, but they do so in a way that they complete each other.

Milkshakes · 05-27-2009

Why the sad face noe

Yuki · 05-27-2009

Is it bad that I haven't had an email yet? D;

Crypt · 05-27-2009

it's for new user registrations

and I actually don't mind on this o.o, most places I register have email verification on, it was kinda odd this place didn't tho, I knew this might happen one day, because yes, it's easy to register even without a valid email address, so yea, I don't really mind this, actually I would had suggested this, but found it too simple and felt me suggesting unneeded, since it's also on by default <.<, so yea, Noe might have turned it off during setup, oh well wasn't a good idea, and it not neceserally have to be spambots, it could be a human assisted spambot, yes it's possible actually that a spambot places the verification code visible to the user so the user types them in, which means not all bots are 100% bots, oh well, depends on the design actually

anyway this is a good move and I accept it, then again it's only for new registrations, what about the undetected already registered ones tho? lol oh well, might be detected eventually if work/action is taken upon them, I would suggest to send verification emails to everyone but that could be suddenly annoying and unexpected, maybe something could be done, just an idea maybe

hmm, I should see what he placed for verification lol, might be fun, I will another time tho, this isn't the right time actually (lol I shouldn't be saying this!)

Miyuki · 05-29-2009

Those bots won't lives long with us here!

Silver Rook · 05-29-2009

Ahem, gentlemen.
I see the forums is safe? Tell me, did anyone happen to kill a couple of spambots on the way here? No? Then we still have a problem.

If you manage to kill them, I assure you that they're not like me. And nothing, nothing like the man lose inside this forums!

Why, you president of his fanclub?

No, that would be your friends!

- Slams files on desk with several photos -

Indeed, and now hes here to f- Beep - us! So listen up, boy! The advertisment being spammed over the forums would be the second worst thing that happens to you today. This spambot has already breached our defenses... You see what he has done to our fellow forumers! And worst of all, he could be one of us...

He could be in this very room! He could be you... He could be me.. He could even be...! - Shoots -

But no seriously, e-mail verification is something we've needed ever since the start... Theres too many bots here evolving to bypass internet security. Well, not like we mind too much anyway...