Mar 22, 2017, 7:34 PM

@ixokai said in Wiki best practices:

Type '+wiki/password' in game. Receive the word: 'transgoggle'.
Easy. And staff doesn't have to do anything ever again and no bot or spammer will ever get it.

Sending password over clear-text is never, ever a good idea.

edit: I should amend this, knowing that I took one bit of information from a wider discussion and jumped on it. I stand by this statement: Don't send passwords in the clear.

That's not to say that this system can't still be easy, but it should require a two-factor system such as email. Register and verify an email, and then when someone types '+wiki/password' it starts the process via the registered address. It still doesn't involve any third party, which is easier and is good.

There is also a fantastic wiki plugin called Extension:ConfirmAccount which also involves zero staff involvement.

Mind you, these still involve work and our hobby puts a lot of stress on the overhead of game creation to begin with. Until someone creates this for public consumption, it's more something that might be done sometime. For this reason I prefer Extension:InviteSignup, as while yes it involves staff it's quite minimal, can be handled by anyone with wiki-staff, and will give your coder time to come up with something better.