Why are there security questions?
#1
So with the rise of Google NoCaptcha what is the purpose of MyBB using security questions? The biggest trend in spamming lately is manual registration then let the bot do it's work. I'm sure stuff like Captchas and other anti-spam measures including databases like StopForumSpam and services like Cloudflare also help out. However I'm simply curious about the purpose of security questions :/
Software Engineer specializing in C# Program Development
Reply
#2
Some people may choose not to use Google's services. In China, Google is not available at all. Some people would rather use anti-spam solutions which don't require using third party services. There's no downside to having security questions available -- it's still a very good solution against bots. Human spammers will always be a problem, which is where moderation comes into play.
No longer involved in the MyBB project.
Reply
#3
I prefer security questions over image and game CAPTCHA because it's friendlier for people with disabilities or have JavaScript disabled.

If a human is solving the CAPTCHA, the methodology doesn't matter much, but security questions could make sure the visitor knows at least a little about your subject matter.
Reply
#4
(2017-04-11, 06:56 PM)laie_techie Wrote: I prefer security questions over image and game CAPTCHA because it's friendlier for people with disabilities or have JavaScript disabled.

If a human is solving the CAPTCHA, the methodology doesn't matter much, but security questions could make sure the visitor knows at least a little about your subject matter.

(2017-04-11, 03:31 AM)Nathan Malcolm Wrote: Some people may choose not to use Google's services. In China, Google is not available at all. Some people would rather use anti-spam solutions which don't require using third party services. There's no downside to having security questions available -- it's still a very good solution against bots. Human spammers will always be a problem, which is where moderation comes into play.


Thanks for your answers. I prefer to use Google NoCaptcha-Recaptcha since it combines captchas with risk management systems. For example many Tor nodes are blocked from even attempting, it'll give you an error when you try to use, in other cases you'll submit the correct answer and be constantly told to try again (I went high as 12 until I was locked out) so it's harder on spammers. Sadly a large chunk of spam comes from countries like China so I don't care if they can't access the site.
Software Engineer specializing in C# Program Development
Reply
#5
It's just another simple tool to prevent spam. I've actually talked to some forum owners that don't like using CAPTCHA's on their registration page. Odd..
Reply
#6
(2017-04-20, 12:51 AM)Bull™ Wrote: It's just another simple tool to prevent spam. I've actually talked to some forum owners that don't like using CAPTCHA's on their registration page. Odd..

I agree that's unusual then again they are the same people saying help me there is too much spam
Software Engineer specializing in C# Program Development
Reply
#7
If you use catch spam during the post process then you can remove most of the captcha restrictions during registration and just leave one simple tool activated, in this case security questions may be the most user friendly.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)