Signups in most platforms are quite hard. Straight up give your phone and do SMS verification, or at least give email and to register that email you will have to provide phone anyway. Captchas nowadays became so hard that even humans struggle with them and it often takes multiple attempts to get it right.
the solution here is to require logins. thems the breaks unfortunately. it’ll eventually pass as the novelty wears off.
Alternative: require a proof of work calculation.
Make them mine a BTC block in the Browser!
^Sorry, I’m low in blood and full of mosquito vomit. That’s probably making me think weird stuff.^
This is exactly what we need to do. You’d think that a FOSS WAF exists out there somewhere that can do this
There is. That screenshot you see in the article is a picture of a brand new one, Anubis
Yeah I realised that after posting. I think we need a better one to deal with the cases of letting legitimate users in easier though
It kind of sucks but it is the best we have for the moment
Next you’ll have to invest in preventing automated signups
not really, just tie it with 2fa SMS style and the hurdle is large enough most companies won’t bother.
Signups in most platforms are quite hard. Straight up give your phone and do SMS verification, or at least give email and to register that email you will have to provide phone anyway. Captchas nowadays became so hard that even humans struggle with them and it often takes multiple attempts to get it right.
provide phone number to look at this foss project’s website, not too sure about that
Honestly if any site demands my phone number it can get fucked.