Currently all users who want to register, need to insert so much information. I think there should Simple Registration feature, what allow peoples register with only email, username and 2 time password inserting. There should be Classic Registration setting too. And what point is Security Question? reCAPTCHA is enough!
(2019-07-15, 08:21 AM)ks1001 Wrote: [ -> ]Currently all users who want to register, need to insert so much information. I think there should Simple Registration feature, what allow peoples register with only email, username and 2 time password inserting. There should be Classic Registration setting too. And what point is Security Question? reCAPTCHA is enough!
reCAPTCHA can be turned off at the AdminCP.
Security Questions are there to catch spam bots, even though that can be overcome if the questions are easy... like 4+4 -- Too easy
I have 10 security questions that rotate and it would be hard for a spam bot to overcome, not impossible, but hard... like 48 to the 2nd power -- Harder
Just saying...
I think the focus is on prevent spam/bots. If you have a good method currently to combat spammers/bots and don't need to rely on blocking them at the registration page then you can replace the page with your own form rather easily.
(2019-07-15, 08:58 AM)Serpius Wrote: [ -> ] (2019-07-15, 08:21 AM)ks1001 Wrote: [ -> ]Currently all users who want to register, need to insert so much information. I think there should Simple Registration feature, what allow peoples register with only email, username and 2 time password inserting. There should be Classic Registration setting too. And what point is Security Question? reCAPTCHA is enough!
reCAPTCHA can be turned off at the AdminCP.
Security Questions are there to catch spam bots, even though that can be overcome if the questions are easy... like 4+4 -- Too easy
I have 10 security questions that rotate and it would be hard for a spam bot to overcome, not impossible, but hard... like 48 to the 2nd power -- Harder
Just saying...
I think reCAPTCHA is much better than Security Questions. reCAPTCHA mission is don't let any spam bots to there and they develop this active.
I share your idea of a slim registration form.
Security mechanisms makes sense of course,
but the form could be reduced by get rid of some settings elements.
To achieve this temporary, you can just predefine settings with a value put into a hidden input field. The visible elements can be dropped from the form then. An additional note can tip the user to change his profile settings after registration.
A quite simple registration form could look like:
- User name
- E-Mail
- Password / confirmation
[- Language / Time Zone]
- Security / Captcha
[ExiTuS]
(2019-07-15, 10:21 AM)[ExiTuS] Wrote: [ -> ]I share your idea of a slim registration form.
Security mechanisms makes sense of course,
but the form could be reduced by get rid of some settings elements.
To achieve this temporary, you can just predefine settings with a value put into a hidden input field. The visible elements can be dropped from the form then. An additional note can tip the user to change his profile settings after registration.
A quite simple registration form could look like:
- User name
- E-Mail
- Password / confirmation
[- Language / Time Zone]
- Security / Captcha
[ExiTuS]
Time zone and language isn't needed. For Time zone is auto detection and for language default language
Is your suggestion to remove the functionality all together? Because everybody can allready do what you suggest in your first post, even drop the google recaptcha (which is an option by the way).
(2019-07-15, 12:31 PM)Ashley1 Wrote: [ -> ]Is your suggestion to remove the functionality all together? Because everybody can allready do what you suggest in your first post, even drop the google recaptcha (which is an option by the way).
No, I mean reCAPTCHA should be stay, but security questions should be removed.
(2019-07-15, 12:47 PM)ks1001 Wrote: [ -> ] (2019-07-15, 12:31 PM)Ashley1 Wrote: [ -> ]Is your suggestion to remove the functionality all together? Because everybody can allready do what you suggest in your first post, even drop the google recaptcha (which is an option by the way).
No, I mean reCAPTCHA should be stay, but security questions should be removed.
You can disable it in the settings.
Security questions are very effective on my board (which is a special interest group).
You can see how many registration attempts were made, how many were successful and how many failed.
[
attachment=41996]