Add the ability for the administration of individual instances to enable e-mail verification at its discretion.
The amount of spam on popular resources is often disastrous. Captcha and email verification can make targeted spam attacks much more difficult.
Regarding Captcha, would a "proof of work" be a viable alternative instead of asking the user to complete a puzzle?
I agree about the captcha. There are many doubts and questions about its use.
hcaptcha? (instead of recaptcha)
@ptman I dont like to use something that depends on an external server.
It must be optional. But in order to fight spam, which has great volume, and sometimes profit motive, a single instance admin or open source project developer doesn't necessarily have enough capacity to deal with it well. I believe cloudflare moved from recaptcha to hcaptcha after having evaluated several options.
Ideally, there would be a federated open source captcha usable for any and all services, but until then something else will have to be used.
I'd want it to be something self-hostable, ideally a dockerized thing.
We've added captcha instead.
Most helpful comment
@ptman I dont like to use something that depends on an external server.