Heya! I don’t think anyone has brought up age vetting (in regards to groups) so I hope I can do that now.
I have noticed that there has been a real issue with member botting recently. Some of the largest groups in ROBLOX have done it, and it can not only be used to gain members, but also attack other groups. I have seen this used to make groups vulnerable to moderation, as it is extremely difficult to remove bots even if it is Join Request based (bots can fill over 700 pages). They can post spam comments, clog up automated systems or just be a nuisance.
My solution is an optional age check for group owners to set. This will mean that, regardless of the join status of the group, if the user is below a certain age they will be unable to pend / join for the group. This may also reduce the saturation of inactive, new accounts which can make a group appear larger than it actually is activity-wise.
However, I believe that this should be capped at a sensible number. I don’t think anyone would benefit from a 300 day requirement for members, as this may be an unfair disadvantage to people who have a good reason to have an account under that age - people often generate new accounts to join groups (space, or conflicting allegiances)
I don’t think an age check is a solution. That’s a duct-tape fix that hurts new real members. Botting is a difficult problem to solve, but punishing real users is even worse than having bots.
I agree totally with that, which is mostly why I recommended the upper bound being set fairly low.
Perhaps the implementation of some other verification measure? Email-only for example.
I can’t remember if email verified is a requirement already or not, but bots also verify themselves.
On top of this, if a time limit such as 10 days is added, that’s very easy to overcome with botting as well (simply create accounts then wait 10 days). Botting is one of the larger problems on the internet as a whole and has no simple solution unfortunately There are people who work on preventing it though!
Yeah - the reason I recommended this is because practically, to keep a bot running for 10 days then launch all the accounts requires a far different setup than the account bots going around (I can send you it if you want!)
EDIT: I think this post that I just wrote (when searching about other botting related issues) is fairly relevant in this case (link here)
I recorded my personal time - ~1.33s
I don’t think any users would be too upset by that, and the few times it does trigger would probably take about five seconds. Not only that, but there is already standard (and slower) reCAPTCHA during ROBLOX login / signup processes.
This has kind have gone off-topic from the original title of Account Age Limits to the upgrade to a different captcha system. ¯\__ (ツ) __/¯
In one of ReeseMcBlox’s posts she mentioned that not only is there already floodchecking for the same IP creating multiple accounts, there’s also already an age limit (and email verification) on posting comments and it doesn’t work – all that will happen is botters will create accounts in advance. As an added side effect, as @AbstractAlex mentioned, legitimate users will not be able to join groups. Sorry, but an age limit on groups won’t accomplish anything good.
With that in mind, you can have Lilly_S lock the thread if you’re not comfortable with others broadening the scope to stopping botting in general since age limits won’t work.
That ROBLOX has already tried captchas on part of the site and has specifically said they don’t want to implement them anywhere else should be a big clue that they don’t solve the problem. If that’s not enough, recognize how many bot accounts are being created still and notice that even though they have to solve a captcha they’re still getting through. Captchas are an idea that look really good on paper, and are nice for smaller sites, but any high-traffic site isn’t going to benefit from them.
5 seconds * the many times you post a comment, send a PM, or do anything social on the site. That adds up to a lot. Even if they’re not put into widespread use, captcha minigames are still annoying and certainly aren’t worth it since they won’t stop the botting in the first place.
Good points, and agreed. I will probably ask Lilly to lock this just for the reason that there is already a thread addressing this issue.
Before I do however, I must say that the IP check is almost completely useless in stopping bots - It is only good at slowing down creation. There are a ton of sites available that allow for giant floods of proxies (for free, or for cheap) allowing bot makers to make this check almost redundant (however, if it were to be removed, it would probably speed up botting by x10)
A duct tape fix for group owners to use to help prevent problems is effectively helpful until a real fix can be implemented - it can also be given real use by the owners of a group aside from preventing botting.
Allowing the owner to set an account age limit, letting me choose from 15 days or 1 year for an example as a text value.
Allowing the owner to require new members to have a verified email.
Allowing the owner to require new members to have a certain badge.
Allowing the owner to require new members to own a set of clothing (specified as a group uniform or something).
Things like this can help reduce the problem significantly - and it gives group owners the option to not only limit the amount of bots significantly lower, but it also allows group owners to set higher standards for their new members.