I've been looking at reddit.com and they don't require new users to enter an em开发者_运维百科ail address. Instead, they only require users to enter a captcha.
I've been considering only using recaptcha to verify new users, instead of both an email address and captcha like many sites do.
What is the use of verifying both an email address and a captcha? It seems more likely that a bot could spoof an email verification instead of a captcha.
I've lost my Reddit password — and there's no way to restore it.
The point of having a validated email is not only seeing that someone can receive an email and click a link in it; a robot can do this, too. The email is a route back to the user: it serves to restore lost passwords (and people do forget passwords), to notify of important events, etc.
OpenID is also a great registration / login option, minimum hassle for the user, and you get a validated email with it, too.
I wouldn't say you ever want only an email address verification; tbh I think the "verification" part of that is a gimmmick for folks to just make sure they have an email address for their users which they can later use for notifications or for other reasons. It's more insurance that you probably have a 'live' email address than it is insurance that the person isn't a bot.
regarding blacklists for disposable email services: have a look at http://www.block-disposable-email.com. This is a service I recently started. It's free and currently detects > 1000 domains with dea services.
If needed I can also provide a kind of blacklist.
Regards,
Gerold
email is not even a very good method of verifying a user. Its easy to use disposable email services and its also easy to automate clicking on a activation links.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论