The MU forums have moved to WordPress.org

Signup - get rid of email validation for good? (23 posts)

  1. donncha
    Key Master
    Posted 17 years ago #

    You may have noticed that the signup form on WordPress.com no longer requires validation of the email address. Since we've made that change the rate of signups has increased by a small percentage, and from our experience it's clear that most spammers aren't stopped by the email validation stage, unfortunately.

    So, should the email validation stage in WordPress MU signup go too?

  2. andrea_r
    Moderator
    Posted 17 years ago #

    Can you make it an option or a hook so some of us can use it if needed/wanted or have the ability to moderate signups?

  3. itdamager
    Member
    Posted 17 years ago #

    Please do not remove it. Make it optional instead.

  4. lunabyte
    Member
    Posted 17 years ago #

    I could see that as maybe an option?

    Talking strictly about MU out of the box, email validation is the only small defense that keeps "some" spammers out.

    Plus, it lets me know that if I need to contact a user, that their contact information is legitimate.

    I could see taking out the validation key, perhaps, but at least send the username/pass to their email.

    On the other hand, if you were to add in an approval system for signups (as an option), that might help too.

    Heck, how about coding in an optional captcha, simple question, or some other type of intervention as further options?

    /me... I hate spammers. With a captcha and the email validation, the only spammers I get are the "noob" spammers that are dumb enough to sit there and actually manually input their stuff.

    Sure, there are a few people that seem to be having trouble with it, but it's more on their host side, and the fact that they just don't really have the skills to properly setup an MU environment.

    Optional, maybe. Removal: please don't.

  5. drmiketemp
    Member
    Posted 17 years ago #

    Optional, maybe. Removal: please don't.

    +1. I hate spammers as well. Moot for me and I've got to admit that I'm not going to allow my clients to use this feature but I can see some folks using it.

  6. andrewbillits
    Member
    Posted 17 years ago #

    I'd keep it. 90% of the web 2.0 services require email validation. A serious blogger or someone who will actually write decent content will be used to it by now.

    Also, for those of use that send emails to our users it's nice to know that we're sending mail to valid addresses.

    So:
    Make it optional: If you must
    Remove it completely: Absolutely not

    Just my two cents.

    PS: Can we please get a moderator? I don't care who it is at this point.

    Thanks,
    Andrew

  7. Farms
    Member
    Posted 17 years ago #

    As most of my users are teachers, they often use edu email addresses, which have the strongest spam filters known to mankind... and consequently intercept a lot of the emails.

    I'd actually quite like to see it go... or at least be made optional.

  8. Farms
    Member
    Posted 17 years ago #

    BTW itdamager, good to see you :)

  9. Farms
    Member
    Posted 17 years ago #

    Actually, it does give a real feel of authenticity though - and discourages people who just don't want blogs too - so I'd prefer to keep it in by default not just for spam... but also as a useful barrier to annoyance.

  10. quenting
    Member
    Posted 17 years ago #

    I'm going to get rid of it one way or another. Better off if it's in the software.

  11. mysorehead
    Member
    Posted 17 years ago #

    Email is dead, get rid of it.

    Actually I don;t have a live site (school intranet) so ignore my opinion. Oh, I'd rather see having an OpenID be enforced rather than having an email address.

    Richard

  12. lunabyte
    Member
    Posted 17 years ago #

    F**k Open ID.

    There. I went there.

  13. donncha
    Key Master
    Posted 17 years ago #

    OK, email validation during signup is staying. If anyone wants to make it optional, all you have to do is bypass the validation stage based on a site_option, and add a checkbox to wpmu options. :)

  14. andrea_r
    Moderator
    Posted 17 years ago #

    workin' on that and moderated signups...

  15. lunabyte
    Member
    Posted 17 years ago #

    Good enough, D.

    Simple to turn off, or leave on. A respectable compromise indeed.

  16. xiand0
    Blocked
    Posted 17 years ago #

    donncha,
    please consider putting the CAPTCHA into the signup form,
    and do get rid of the e-mail requirement.

    CAPTCHA will upset users and make them slightly annoyed. But it works, and this makes sure that human involvement with signing up is indicated.

    I am all for getting rid of the e-mail signup thing alltogether.

    My reason for being all for no e-mail requirement is that I don't really care if people have an e-mail or not, but I do care that it is impossible to do automatic signups in any shape, way or form.

    E-mail doesn't provide that property, a verification program can have *@tonodomains.com directed to it and do signups. A very clever CAPTCHA solution can (atleast at this point in time) make sure that there really is a human who is signing up (I use this for posting comments in blogs too).

  17. donncha
    Key Master
    Posted 17 years ago #

    Sorry, CAPTCHAs will never become part of the signup form unless it's a 3rd party plugin.

  18. drmiketemp
    Member
    Posted 17 years ago #

    But it works, and this makes sure that human involvement with signing up is indicated.

    A quick search will show you that that isn't true. They do not work, no user behind a broken proxy like Comcast and a good chunk of RoadRunner or me here at CPCC can't see the correct image, and they are machine and Koren sweatshop employee (being honest there) readable.

    CAPTCHA will upset users and make them slightly annoyed.

    I do hope that that isn't acceptable to you. Annoying your users probably isn't the way to go.

  19. lunabyte
    Member
    Posted 17 years ago #

    Really, most bots can't read but the simplest of images, if they can read them at all. Most can't, and only truly "serious" spammers willing to get their hands on that technology applies.

    For me, I have a happy medium with mine. It isn't extravagant, but it is pretty readable. And it's worked well enough to keep the bots out of my registration forms.

    They can be overdone, hell there's some at times that I can barely figure out, let alone a bot.

    However, I can't see it as a default MU setting. Optional would be nice, but looks like I'll still be modding to put mine in. Such is life.

    To be honest, and call me crazy, but as common as captchas are these days, I really can't believe they drive people away in droves. If anything it would reassure me that the particular service was pro-active enough to try and provide a nice environment, clear of dick pills and porn ads.

    If someone wants those things, they know where/how to find em.

    Getting back to the crazy side, even if there is a 10% walk-off rate because of the captcha, I'm willing to accept that in trade for it blocking 95%+ of the spammers out there.

  20. drmiketemp
    Member
    Posted 17 years ago #

    Really, most bots can't read but the simplest of images, if they can read them at all.

    I disagree with that. The last time we discussed this, we pointed folks to an article where it was noted that even the math captcha had been shown as being defeated.

    For me, the broken proxy issue is more of an issue.

  21. lunabyte
    Member
    Posted 17 years ago #

    Not saying there aren't bots out there that can solve the lower end, as they do exist. But then again, so does a Lamborghini or a Ferrari, which you don't see near as much as you see a F-150 or a beater.

    You know, I do wonder something though... but that's for another time, another place.

  22. Farms
    Member
    Posted 17 years ago #

    I agree, a built in captcha would be great.

  23. oscarrovira
    Member
    Posted 17 years ago #

    i think the verification is good and meabe wordpress mu nead to incorporate a Captcha sistem, i made mi own.

    You can see the captcha working in:
    http://eterblogs.com/wp-signup.php

    You can Download the script, the hacks and get help in:
    http://eterblog.com/2007/11/21/trucos/wp-captcha-10-captcha-system-for-wordpress-mu/

About this Topic

  • Started 17 years ago by donncha
  • Latest reply from oscarrovira