The core of most forum platforms is a membership system that is designed to promote loyalty and increase interaction between members. After all, if all posts were from anonymous visitors with no profile information or username, the experience would be rather boring. When members register an account they create an identity for themselves. Most forums allow user profile customization, which enhances the membership experience.
A problem that many forum owners encounter once their forum starts to become popular is fake user accounts, spammers, bots, duplicate accounts, etc. You may think hundreds of visitors are creating accounts when in reality bots are signing up and spamming your forum. Different security measures can be implemented to combat fake registrations and spammers, but knowing which is most effective and least intrusive for real visitors is the key.
Most forums allow a minimal registration form with simple fields like username, password, and email. You can configure your forum to allow anyone to register with those three items filled out. Without setting up email activation or other registration fields to fill out, spammers and bots can easily register multiple accounts with fake emails and wreck your forum. However, this type of easy registration allows real visitors quick and easy access to your forum. If you don’t mind keeping a constant eye on your forum and deleting spam accounts and messages, this type of registration is the way to go.
Often I find that email activation can cause visitors to give up on the registration process. Maybe your email lands in their junk folder, or maybe it is delayed. So while they are waiting to check their email they visit another site and forget about yours. Not requiring email activation has the benefit of offering visitors instant access to membership features. Consider this option if your forum is new with very few signups. A large forum would be overwhelmed with spam accounts.
Email Activation and Image Verification
The most common type of registration involves the member activating their account by verifying their email address. After the user completes the registration form, an email is sent to the user. They click on a link that activates their account. This system requires a real email address that can be checked by the person registering the account. It prevents bots and spammers from creating multiple accounts and can deter them altogether. Another popular option for registration pages are human input tests. CAPTCHA is a popular program that generates a challenging image with letters, numbers, or shapes that the user must read. Bots often cannot read the contents of an image and cannot proceed with the registration.
While these security measures prevent spammers and bots from creating accounts on your forum, real members have to jump through extra hurdles to become members on your forum. As mentioned earlier, email activation sometimes fails to send emails, or sends an email to a users junk folder. When this happens a user might give up on trying to create an account. Sometimes image verification is difficult for real visitors. Some of the images are challenging to read, and can frustrate potential members to the point where they give up.
A recently popular addition to many forums is the ability to ask questions to visitors trying to register. This security method can be used as an alternative to image verification or as a supplement for increased security. This test usually involves one or more pre-defined questions and answers set up by the administrator. For example, the registration page may say, “What is the missing word in the sentence: Red, white, and ____.” The answer is obvious if you are American. Blue. Bots have no way of knowing the answer to the question, eliminating bot signups.
Be careful not to make the questions too tough. Questions like, “Solve ((2 x 40) / 46)” are too much. Even though they might be easily answered, some people can miss obvious answers and give up on trying to register. On niche forums, for example, a security question might be, “What year was Nintendo founded?” This type of question should also be avoided because not everyone will know the answer off the top of their head. Stick with really simple questions that have obvious answers like, “What is 2 + 2?” This will ensure potential members answer correctly, but as long as you require a specific input bots will not be able to register.
A very strict way of registering members involves administrator approval of all new accounts. This type of registration should only be used when you want only certain types of people to join your forum. With such limited access to membership your community becomes exclusive. This type of system would be useful for forums with special content or on popular forums that want to select certain members who they believe will contribute. This method should not be used if you are trying to gain new members such as with a new forum because it creates a large barrier between the visitor and being able to post messages.
Exclusive online forums who wish to only have certain people being able to view and post content could choose to implement a referral/invitation only system. In this type of system, only current members can recruit new members. They must have a referral link or be approved by the administrator. This type of system could be useful to clubs and organizations that are not open to the public.