Share good ideas and conversation.   Login, Join Us, or Take a Tour!
comment by _refugee_
_refugee_  ·  275 days ago  ·  link  ·    ·  parent  ·  post: Hubski Update: You must be this thoughtful to post to Hubski

So I could just buy/spawn/recruit/sock puppet a billion accounts and immediately activate them, as long as I'm in possession or control of a hoarded-badge account?

Jw, what're the current password requirements? In all honesty this loophole is probably too nefarious and Machiavellian to see much use, but I'll point it out there.




mk  ·  275 days ago  ·  link  ·  

It's possible, but it if it looks like an issue, we will change things so as to know who is so dastardly, and who they have promoted.

Another possibility is to rate-limit it. Say, you can only promote once per day.

    Jw, what're the current password requirements?

Very very low.

_refugee_  ·  275 days ago  ·  link  ·  

I actually don't know mine, but it's not because I use some fancy password manager. One time I got drunk and changed it to a string of random letters and numbers I don't know.

For what it's worth, same deal with my Facebook.

But hey! Can't hurt to make those reqs any bit more stringent, could it? Another barrier to entry for new users, why not? Hubski doesn't force log outs ever so no one existing would be impacted.

kleinbl00  ·  275 days ago  ·  link  ·  

_refugee_  ·  275 days ago  ·  link  ·  

Security - not even. Moderation? Si. Barriers to participation? Si. Enforced distance? Siiiiii

mike  ·  264 days ago  ·  link  ·  

I forgot my password some years ago and mk reset it to something rude and funny. I haven't changed it since. I worry that someday a hacker will publish my password and the feds will investigate me.

mike  ·  264 days ago  ·  link  ·  

I forgot my password some years ago and mk reset it to something rude and funny. I haven't changed it since. I worry that someday a hacker will publish my password and the feds will investigate me.