I have some joker who thinks its funny to hit the "E-mail password" button on the log-in page for my account. They are going in via an anonymous proxy.
Any suggestions how can prevent the abuse? For example, adding a 2-minute delay between its use?
Regards, Ian
I belive we have had a discussion of a similar nature before. One of the solutions is to limit the number of clicks on the button a day per an IP address (however this may cause problems on shared IPs') or to limit the number of clicks per an account per a day (something low such as 3 is probably enough). Yours, Robert.
On 19/03/07, Ian Tresman it@knowledge.co.uk wrote:
I have some joker who thinks its funny to hit the "E-mail password" button on the log-in page for my account. They are going in via an anonymous proxy.
Any suggestions how can prevent the abuse? For example, adding a 2-minute delay between its use?
Regards, Ian
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/wikitech-l
At 07:29 19/03/2007, you wrote:
I belive we have had a discussion of a similar nature before. One of the solutions is to limit the number of clicks on the button a day per an IP address (however this may cause problems on shared IPs') or to limit the number of clicks per an account per a day (something low such as 3 is probably enough).
And another option would be for the person to enter their own valid email address, which needs validating before the password is sent out to the password-associated email address?
Regards, Ian
Yours, Robert.
On 19/03/07, Ian Tresman it@knowledge.co.uk wrote:
I have some joker who thinks its funny to hit the "E-mail password" button on the log-in page for my account. They are going in via an anonymous proxy.
Any suggestions how can prevent the abuse? For example, adding a 2-minute delay between its use?
Regards, Ian
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/wikitech-l
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/wikitech-l
On 19/03/07, Ian Tresman it@knowledge.co.uk wrote:
I have some joker who thinks its funny to hit the "E-mail password" button on the log-in page for my account. They are going in via an anonymous proxy.
Any suggestions how can prevent the abuse? For example, adding a 2-minute delay between its use?
Regards, Ian
I swear this was previously solved by Tim Starling in 1.8...
Andrew Garrett
I swear this was previously solved by Tim Starling in 1.8...
I had such a problem some days ago where a mail adress of a user was wrong. So I corrected it in the DB but wasn't able to send another password reminder as I was told by MediaWiki that this can be done only once per 24 h.
2007/3/19, Ian Tresman it@knowledge.co.uk:
And another option would be for the person to enter their own valid email address, which needs validating before the password is sent out to the password-associated email address?
Emmm... No, that wouldn't work. To validate the e-mail address, we need to send a message to that e-mail address, so the person could cause the same kind of trouble by hitting the button to validate your address.
wikitech-l@lists.wikimedia.org