Prevent flooding of user db by spambots --------------------------------------- Key: GTNPORTAL-777 URL: https://jira.jboss.org/jira/browse/GTNPORTAL-777 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Components: Security Reporter: Marc Schoenefeld Fix For: 3.1.0 To prevent flooding of the userdb without involving the admin an email could be send out, that the user needs to click before account activation (as in bugzilla[1] for instance). Additionally you could use a captcha to prevent spam bots and fake accounts from entering the system even when they are capable of receiving email[2]. By forcing the user to provide multiple proven factors for authentication, you limit the threat of flooding and denial-of-service due to the high load of user registration. Thanks Marc [1] http://www.bugzilla.org/docs/tip/en/html/myaccount.html [2] http://www.phpbb.com/community/download/file.php?id=88695&sid=9f98d4d... -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira