Jump to content

Community

CP-Admin : Login & Registration


Recommended Posts

Hello,

There should be more flexibility in the registration settings, with local depending on the service (Apple, Google, Microsoft) or global as currently.

In this context I would like to be able to deactivate the "standard" registration without deactivating "standard" the login, and allow only by Apple, Google, Microsoft registration and login.

Edited by MEVi
Link to post
Share on other sites

I was humbly going to suggest that disabling the generic signup was potentially a bad idea. I was going to argue that further incorporating social media as the default requirement to join only further empowers people to use them.  But the more I thought about your concept, the more I could see a potential advantage.

First, it is not too far of a stretch to assume most people today already use Google, Twitter, Facebook, and alike. There is no helping it. Second, one of the biggest drawbacks to forums, especially small communities, is not having the human resources and infrastructure to root out many of the spammers and bots that social media does.  However, by disabling the general e-mail and requiring social media to join your community, you better ensure interested people join, as social media, at least in theory, have already rooted out the fifth.

Additionally, the more I think about your proposed concept, it could be a further deterrent when banning undesirables. Right now, if I ban someone, they can easily pick up a disposable e-mail and hop right back on. However, for example, for places such as Facebook, I need a verified e-mail, verified phone number, and upload a clear photo just to be validated. Banning a Facebook log-in can go along way in keeping more difficult people off your community when a simple e-mail is no longer an option.

Your proposal has caused me to think differently. I like it. 👍

Link to post
Share on other sites

The most per member name use Gmail, Hotmail and Co. email addresses that depend on the OAuth 2.0. I have members who tell me that the domain name on which their address was on has been abandoned and that they have switched to Apple, Gmail...

I have thousands of members, some of them have passed away in the domain names associated with their email addresses have been canceled and then bought back, having no PGP option a malicious person can easily read the information that is not intended for them. The police recommend encouraging registration by Apple, Gmail, and Co., but not with Facebook or twitter.

If a future member wants to use an email address that deviates from the OAuth 2.0 system, he will have to obtain authorization from an administrator. If the member wants to use Facebook or Twitter to log in as a new member, this will not be possible.

I want to have more flexibility in the possibilities of registration and connection for example if LDAP is activated the settings are global which for the moment prevents us from using it.

I would like to make first connection rules:

  • Please enter your member code or IP Range
  • Your LDAP or ... email address:
  • Password:

Then the user will be able to log in by Facebook, Gmail if allowed in the options in profil user.

Edited by MEVi
Link to post
Share on other sites
19 hours ago, Linux-Is-Best said:

I was humbly going to suggest that disabling the generic signup was potentially a bad idea. I was going to argue that further incorporating social media as the default requirement to join only further empowers people to use them.  But the more I thought about your concept, the more I could see a potential advantage.

First, it is not too far of a stretch to assume most people today already use Google, Twitter, Facebook, and alike. There is no helping it. Second, one of the biggest drawbacks to forums, especially small communities, is not having the human resources and infrastructure to root out many of the spammers and bots that social media does.  However, by disabling the general e-mail and requiring social media to join your community, you better ensure interested people join, as social media, at least in theory, have already rooted out the fifth.

Additionally, the more I think about your proposed concept, it could be a further deterrent when banning undesirables. Right now, if I ban someone, they can easily pick up a disposable e-mail and hop right back on. However, for example, for places such as Facebook, I need a verified e-mail, verified phone number, and upload a clear photo just to be validated. Banning a Facebook log-in can go along way in keeping more difficult people off your community when a simple e-mail is no longer an option.

Your proposal has caused me to think differently. I like it. 👍

Interesting points! But what's stopping an anonymous troll / banned member from creating a new Twitter/Gmail account just to join? 😇  The skeptic in me fears that bots and spammers will find new ways to abuse the system regardless 🤦🏼‍♂️ 

Link to post
Share on other sites
16 hours ago, Jordan Invision said:

Interesting points! But what's stopping an anonymous troll / banned member from creating a new Twitter/Gmail account just to join? 😇  The skeptic in me fears that bots and spammers will find new ways to abuse the system regardless 🤦🏼‍♂️ 

As previously explained, I or anyone here can easily, and quickly I may add, generate a temporary e-mail and hop right back in within seconds. There is virtually no effort in doing so. I could easily create multiple accounts in under a minute if I were so inclined to do so without automation, just my keyboard, mouse, and a few open browser windows. It's that easy.  Which begs the question, why is it that easy? The answer is relatively straightforward; there is no filter. Nothing is stopping me in the least. It requires no effort or even thought, just intent.

But as previously explained, right now, making a new Facebook account, for example, is not so effortless.  I first need to confirm my e-mail address, confirm a phone number, and upload a clear photo.  Then assuming Facebook approves my new account, I could finally make my way to your site. In this instance, Facebook, not you or your forum, have done the heavy lifting. And should you ban my Facebook account from using your website, I would have to again make a new Facebook account. Which would require a completely different e-mail, a different verifiable phone number, and another clear photo.  Before replying to your post, I attempted to do just that. Let me tell you, it not as easy as that sounds.

I have always believed that if something can be abused, it ultimately will be abused, and if there is a will, there is always a way. Having said that, I hope you understand the belief that there is no perfect system for resolving any given problem.  But that is never an excuse to not attempt to strive for excellence and try to overcome.

As forums go, some would choose to see social media as the outlet working against us. I ask, why not have them work for us? They already have the filtration system, which has been battle-tested for decades. Why not use that to our advantage?  

At least, that is my hypothesis. I thank you kindly for your time and consideration. 🙂

Edited by Linux-Is-Best
forgot a word
Link to post
Share on other sites
22 hours ago, Linux-Is-Best said:

As previously explained, I or anyone here can easily, and quickly I may add, generate a temporary e-mail and hop right back in within seconds. There is virtually no effort in doing so. I could easily create multiple accounts in under a minute if I were so inclined to do so without automation, just my keyboard, mouse, and a few open browser windows. It's that easy.  Which begs the question, why is it that easy? The answer is relatively straightforward; there is no filter. Nothing is stopping me in the least. It requires no effort or even thought, just intent.

But as previously explained, right now, making a new Facebook account, for example, is not so effortless.  I first need to confirm my e-mail address, confirm a phone number, and upload a clear photo.  Then assuming Facebook approves my new account, I could finally make my way to your site. In this instance, Facebook, not you or your forum, have done the heavy lifting. And should you ban my Facebook account from using your website, I would have to again make a new Facebook account. Which would require a completely different e-mail, a different verifiable phone number, and another clear photo.  Before replying to your post, I attempted to do just that. Let me tell you, it not as easy as that sounds.

I have always believed that if something can be abused, it ultimately will be abused, and if there is a will, there is always a way. Having said that, I hope you understand the belief that there is no perfect system for resolving any given problem.  But that is never an excuse to not attempt to strive for excellence and try to overcome.

As forums go, some would choose to see social media as the outlet working against us. I ask, why not have them work for us? They already have the filtration system, which has been battle-tested for decades. Why not use that to our advantage?  

At least, that is my hypothesis. I thank you kindly for your time and consideration. 🙂

I hear you. My apologies for not completely digesting your comment before responding. 

So in your example, your forum could theoretically implement Facebook as the only means to creating an account because they have the strictest onboarding process? Is that right? 

I do agree in particular with this: "I have always believed that if something can be abused, it ultimately will be abused, and if there is a will, there is always a way." 

If someone wants to abuse something, they'll stop at nothing. But putting roadblocks in front of them is a good way to go on the offense. 

Link to post
Share on other sites
5 hours ago, Jordan Invision said:

So in your example, your forum could theoretically implement Facebook as the only means to creating an account because they have the strictest onboarding process? Is that right? 

 

3 hours ago, Paul E. said:

More simply, for each login method:

  • Enabled [ x ] Yes [   ] No
  • Allow new registrations [   ] Yes [ x ] No
  • Allow login [ x ] Yes [   ] No

Hello @Jordan Invision

I believe @Paul E. put is more simply, but, yes.  It would be idea of have chooses between each possible method. And given the choice, I would likely opt to disable the generic e-mail method. But someone else may wish to keep it enabled. It's really about having the choice on which method you feel will work best for your community.

Edited by Linux-Is-Best
expanded
Link to post
Share on other sites
On 2/19/2021 at 8:42 PM, Linux-Is-Best said:

Hello @Jordan Invision

I believe @Paul E. put is more simply, but, yes.  It would be idea of have chooses between each possible method. And given the choice, I would likely opt to disable the generic e-mail method. But someone else may wish to keep it enabled. It's really about having the choice on which method you feel will work best for your community.

I hear ya. I documented your suggestion and will continue to keep an eye on things to see whether your idea gains more momentum 🙂

Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy