Name, password, repeat password, that's it. If you really have to you can later bug the user to enter an optional email address and explain that they may have problems recovering their account in certain circumstances if they don't.
-
-
I tend to agree fully, but that also requires a reddit-like spam detection (and post throttling for new users) so that a mass number of throwaway accounts don't ruin the community. Or reputation system & filtering. I think it's an essential part of self-organizing communities.
-
Bots can set up email addresses far easier than people can. You're making far more additional work for the users than you are for the bots.
-
That is true. The only problem email/phone auth solves is disincentivizing creation of alt-accounts by making it a hassle for real users. I think most communities are afraid of alt accounts. Except reddit.
-
That makes sense, except that again it doesn't stop bots from setting up a gazillion accounts, the bot just has to be programmed to set up an email account and go to the link in the email.
-
Honestly Captcha+Username is probably far more secure than Email+Username. And if the point is to "make it a hassle" for real users to get multiple accounts, I'd just put a limit on signups per IP+UserAgent or something.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.