Membership Approval Now Required

[CR Backup Admin]

We will not approve membership if the account name looks like a advertisement, is a e-mail address, or just sounds phoney,  It is definitely better if a account name has some recognizable link to photography.

This is way too subjective and what may be an advertisement / email / phoney to you may just be perfect for someone else. Compound this by the fact that the username will be rejected after one day I doubt a genuine user who is rejected will bother to try again (I certainly wouldn't, but that's just me).

IMHO a captcha is a better idea as suggested above.

Of course, we use captcha. 

With human assisted spambots, its no barrier, and most robots read it as well.  Those who think captcha is fool proof are out of date, 10 years out.  Captcha is like a screen on the front end, each step filters out a few potential spammers.  We don't reject someone unless their user name is clearly out of line.  Rules are not posted just to help spammers get around them.

We check new signups for duplicate ip's, internet providers, and a warning pops up if they have been banned before.  Its far from fool proof, just another screen to filter out what we can.

[Forceflow]

Well, as an already registered user I don't mind this, but why are you not implementing a Q&A process? Ask a specific question during the sign-up and tell the users that the answer is on your help site and not on the register page. Anybody answering that question correctly will have been a human and not a bot. Should weed out quite a bit of the bots. (Got rid of 99.99% of all SPAM accounts on my two forums)

Those who sign up must answer two questions.  Robots unfortunately know this and have a ton of questions and answers programmed in to them.  They are always one step ahead.
 
There are huge halls full of people working for spam companies who do nothing but create accounts.  I mentioned Robots, but its those human assisted robots that are the issue.
 
They concentrate on the larger web sites because that's where the exposure is.
 
We have other measures taken that keep them from posting, but they are loading up the server with almost 1/2 million user accounts, and 90% of the online users were spammers.  That's already down to 10% or less.

Well as soon as you hit real humans you are of course facing serious issues. I just did a quick trial register to see the questions you have and those are way to easy to answer. You must ask a question that cannot be answered from being on the registration page! You have to force the user to go to your help page to get the answer. That adds an additional step that is a huge problem for bots and even throws a wrench into SPAM-humans. Alternate the Q&A on a regular basis and I am very confident that you will loose most of the SPAM registration.
It's very easy to do for the one time registration a real user does but seriously adds overhead to any sort of automation.

[expatinasia]

Those who think captcha is fool proof are out of date, 10 years out.

I doubt a single person here thinks CAPTCHA is fool proof, and I certainly didn't read such a post. Also it is a system which may be around 10 years old, but has only been in common use for the past 5 year or so, and until someone comes up with something better it remains one option.

Anyway, I join others in thanking you for the work you do. I have worked on high volume forums in the past and it can be a nightmare.

Of course most of these bots - whether they be human bots, clever code, or a combination - nearly all want one thing - links. I would suggest you remove a member's ability to add a link to his/her signature, and manage how (or which) users can add links posts. Once you do that all the bots will (slowly) realise that it isn't worth their time trying to push through the system.

Good luck.

[fugu82]

Thanx again for working to keep this superb resource up and running. I continue to be amazed that there is no way to send like 147,000 volts back down the lines into the spammers vile little CPU's. Stupid Laws of Physics........

[jdramirez]

We will not approve membership if the account name looks like a advertisement, is a e-mail address, or just sounds phoney,  It is definitely better if a account name has some recognizable link to photography.

This is way too subjective and what may be an advertisement / email / phoney to you may just be perfect for someone else. Compound this by the fact that the username will be rejected after one day I doubt a genuine user who is rejected will bother to try again (I certainly wouldn't, but that's just me).

IMHO a captcha is a better idea as suggested above.

Of course, we use captcha. 

With human assisted spambots, its no barrier, and most robots read it as well.  Those who think captcha is fool proof are out of date, 10 years out.  Captcha is like a screen on the front end, each step filters out a few potential spammers.  We don't reject someone unless their user name is clearly out of line.  Rules are not posted just to help spammers get around them.

We check new signups for duplicate ip's, internet providers, and a warning pops up if they have been banned before.  Its far from fool proof, just another screen to filter out what we can.

Captcha got so advanced that I couldn't figure out what the code was... so if Captcha is on its way out... I'm happy to see it gone.

[J.R.]

We will not approve membership if the account name looks like a advertisement, is a e-mail address, or just sounds phoney,  It is definitely better if a account name has some recognizable link to photography.

This is way too subjective and what may be an advertisement / email / phoney to you may just be perfect for someone else. Compound this by the fact that the username will be rejected after one day I doubt a genuine user who is rejected will bother to try again (I certainly wouldn't, but that's just me).

IMHO a captcha is a better idea as suggested above.

Of course, we use captcha. 

With human assisted spambots, its no barrier, and most robots read it as well.  Those who think captcha is fool proof are out of date, 10 years out.  Captcha is like a screen on the front end, each step filters out a few potential spammers.  We don't reject someone unless their user name is clearly out of line.  Rules are not posted just to help spammers get around them.

We check new signups for duplicate ip's, internet providers, and a warning pops up if they have been banned before.  Its far from fool proof, just another screen to filter out what we can.

No security is fool proof and I wouldn't dare to say that a captcha is the "only" solution. That said, I guess we are on opposite sides of the table here with users wanting easier access and the mods wanting a better QC over the sign up process.

Cheers ... J.R.

[pedro]

I think it is a right step forward. My nickname here is pedro. It refers to my affinity for latin america. And it is also linked to me as an enthusiast photo amateur. Once you want me to change it into "Peter Hauri Enthusiast Photo Amateur", just mail me  Oh, as long as I keep my posting credits, though...

[AprilForever]

We will not approve membership if the account name looks like a advertisement, is a e-mail address, or just sounds phoney,  It is definitely better if a account name has some recognizable link to photography.

This is way too subjective and what may be an advertisement / email / phoney to you may just be perfect for someone else. Compound this by the fact that the username will be rejected after one day I doubt a genuine user who is rejected will bother to try again (I certainly wouldn't, but that's just me).

IMHO a captcha is a better idea as suggested above.

Of course, we use captcha. 

With human assisted spambots, its no barrier, and most robots read it as well.  Those who think captcha is fool proof are out of date, 10 years out.  Captcha is like a screen on the front end, each step filters out a few potential spammers.  We don't reject someone unless their user name is clearly out of line.  Rules are not posted just to help spammers get around them.

We check new signups for duplicate ip's, internet providers, and a warning pops up if they have been banned before.  Its far from fool proof, just another screen to filter out what we can.

No security is fool proof and I wouldn't dare to say that a captcha is the "only" solution. That said, I guess we are on opposite sides of the table here with users wanting easier access and the mods wanting a better QC over the sign up process.

Cheers ... J.R.

When a forum gets too hard to join, it slowly dies off. Most forums which make it hard for me to join or do stuff on I never use, even if I get accepted. I think that the combination of captcha and a set of questions would stop a lot of bots... stopping human spammers is more difficult... If, somehow, it can be programmed that they cannot enter links anywhere for about 15 posts, that should help things... Though that also might alienate a few new posters. This is a little like the debate of liberty vs. security, or strength vs. mobility...

[rpt]

Man I am glad I registered when I did! I went to the register page to check out the captcha and questions and I am guessing I would have flunked!

I mean, I never bought or used Nikon. So what do I know of the colour of the lens? I could guess - they are the dark side so may be dark grey or black? 

[J.R.]

I mean, I never bought or used Nikon. So what do I know of the colour of the lens?

That should give you a gold plated approval already ... Stop messing about with those captchas.

[Dave_NYC]

Captcha got so advanced that I couldn't figure out what the code was... so if Captcha is on its way out... I'm happy to see it gone.

I know what you mean. I have to hit refresh all the time on Captcha sites now. Maybe the only truly secure Captcha sites will one day be when even humans can't figure out what the code is.

[rpt]

I mean, I never bought or used Nikon. So what do I know of the colour of the lens?

That should give you a gold plated approval already ... Stop messing about with those captchas.

The captchas are cool. It is these darned trick questions that get me...

So if asked "what is 2 and 2" the best answer is "it depends" (and that works for most questions too - try it out - you would be surprised...)

So is this an arithmetic question, is it a binary logic question, or is it just messing with your mind? I can elaborate - the answers are:
A.  4
B.  2
C.  22

See, It is hard to answer such questions...

[J.R.]

I mean, I never bought or used Nikon. So what do I know of the colour of the lens?

That should give you a gold plated approval already ... Stop messing about with those captchas.

The captchas are cool. It is these darned trick questions that get me...

So if asked "what is 2 and 2" the best answer is "it depends" (and that works for most questions too - try it out - you would be surprised...)

So is this an arithmetic question, is it a binary logic question, or is it just messing with your mind? I can elaborate - the answers are:
A.  4
B.  2
C.  22

See, It is hard to answer such questions...

Damn ... I've been trying to explain to the shareholders that the answer is 5 and that is not even listed as an option

[CR Backup Admin]

I think it is a right step forward. My nickname here is pedro. It refers to my affinity for latin america. And it is also linked to me as an enthusiast photo amateur. Once you want me to change it into "Peter Hauri Enthusiast Photo Amateur", just mail me  Oh, as long as I keep my posting credits, though...

The type of weird user ID's the spammers use are like "#nbhiortn[hysqwuiolv]"  Actual ID
 
 
No problem with a ID like Pedro, we have contacted only one member and changed their display name for them, since it was a web site .com name intended perhaps to boost their google ratings?  We do let people link to their web site in their signature.  This is what many spammers try to do, so we watch for that.
 
Email addresses like kuzynnickpppeppxeeppzxp@gmail.com  are a dead giveaway.  Even more obvious emails are from   baituole3@mailondandan.com or zczcvtrzs@mailabconline.com or

xvswvwsfws@shoeonlineblog.com     We can block domains that are big offenders, which is why 98% use gmail.     Users can go to their profile and change their display name without affecting their user id.  This is simple and easy to do.

[rpt]

I mean, I never bought or used Nikon. So what do I know of the colour of the lens?

That should give you a gold plated approval already ... Stop messing about with those captchas.

The captchas are cool. It is these darned trick questions that get me...

So if asked "what is 2 and 2" the best answer is "it depends" (and that works for most questions too - try it out - you would be surprised...)

So is this an arithmetic question, is it a binary logic question, or is it just messing with your mind? I can elaborate - the answers are:
A.  4
B.  2
C.  22

See, It is hard to answer such questions...

Damn ... I've been trying to explain to the shareholders that the answer is 5 and that is not even listed as an option

Hmmm 5
Simple. Obviously you are not an engineer. You are an economist. So we need to add inflation. I'd say that is option D.  5 = (4+4)  + 20%...