So I could just buy/spawn/recruit/sock puppet a billion accounts and immediately activate them, as long as I'm in possession or control of a hoarded-badge account? Jw, what're the current password requirements? In all honesty this loophole is probably too nefarious and Machiavellian to see much use, but I'll point it out there.
It's possible, but it if it looks like an issue, we will change things so as to know who is so dastardly, and who they have promoted. Another possibility is to rate-limit it. Say, you can only promote once per day. Very very low.Jw, what're the current password requirements?
I actually don't know mine, but it's not because I use some fancy password manager. One time I got drunk and changed it to a string of random letters and numbers I don't know. For what it's worth, same deal with my Facebook. But hey! Can't hurt to make those reqs any bit more stringent, could it? Another barrier to entry for new users, why not? Hubski doesn't force log outs ever so no one existing would be impacted.
