We share good ideas and conversation here.   Login, Join Us, or Take a Tour!
comment by _refugee_
_refugee_  ·  101 days ago  ·  link  ·    ·  parent  ·  post: Hubski Update: You must be this thoughtful to post to Hubski

So I could just buy/spawn/recruit/sock puppet a billion accounts and immediately activate them, as long as I'm in possession or control of a hoarded-badge account?

Jw, what're the current password requirements? In all honesty this loophole is probably too nefarious and Machiavellian to see much use, but I'll point it out there.




mk  ·  101 days ago  ·  link  ·  

It's possible, but it if it looks like an issue, we will change things so as to know who is so dastardly, and who they have promoted.

Another possibility is to rate-limit it. Say, you can only promote once per day.

    Jw, what're the current password requirements?

Very very low.

_refugee_  ·  101 days ago  ·  link  ·  

I actually don't know mine, but it's not because I use some fancy password manager. One time I got drunk and changed it to a string of random letters and numbers I don't know.

For what it's worth, same deal with my Facebook.

But hey! Can't hurt to make those reqs any bit more stringent, could it? Another barrier to entry for new users, why not? Hubski doesn't force log outs ever so no one existing would be impacted.

kleinbl00  ·  101 days ago  ·  link  ·  

_refugee_  ·  101 days ago  ·  link  ·  

Security - not even. Moderation? Si. Barriers to participation? Si. Enforced distance? Siiiiii

mike  ·  90 days ago  ·  link  ·  

I forgot my password some years ago and mk reset it to something rude and funny. I haven't changed it since. I worry that someday a hacker will publish my password and the feds will investigate me.

mike  ·  90 days ago  ·  link  ·  

I forgot my password some years ago and mk reset it to something rude and funny. I haven't changed it since. I worry that someday a hacker will publish my password and the feds will investigate me.