Simple Spam Deterrence.
Everyone is aware, or should be, of the continuing spam attacks that have been plaguing SD and consuming much of our Mods' time. It was good to read Stephanie's response to Ian's recent post on the matter, and to know that the SD team are working on a technical solution. In the meantime I'd just like to suggest a couple of relatively low-tech adjustments that should help deter spammers.
I think it's worth pointing out that these pests are spammers, not hackers, and where hackers might attack a system because it is hard, spammers will exploit a system because it is easy. Brick walls are needed to keep hackers out, but hurdles should deter most spammers. In this light I think it is the ease with which new users can join and post that needs to be addressed.
Obviously posting questions should not be made difficult, but allowing users to post new questions almost immediately is an open invitation to spam. At present there is an enforced 15 second delay, which in reality only serves to prevent automated posts crashing a system. As far as spamming goes it is no time to wait. So why not extend the delay time between posts to 15 minutes instead of 15 seconds? No legitimate user would post another question a mere 15 seconds after their last, and a 15 minute wait between posting questions is far from unreasonable. The infrastructure for a delay is already in place, so changing a parameter from 15 seconds to 15 minutes would not be difficult, but as a deterrent to spammers it would be significant.
The other problem is the ease with which new users can join and post. I set up an account a few moments ago and it took less than 30 seconds from start to being able to ask a question. Again, this is little deterrent for spammers, and once again a delay may help. Perhaps when a new user applies the SD system should either require more information, including fluency levels, human verification etc. or delay sending the confirmation link for 10 minutes, or both. These would only be minor inconveniences to somebody with a serious question, but would be further obstacles for spammers. Of course, a dedicated spammer could use this 10 minute window to create multiple usernames and then start posting on each, but with having to jump through extra hoops coupled with a 15 minute delay between posts, would they bother?
Total prevention may be difficult, but these minor changes should be easy to make and they would make the spammers' lives much harder.
As always, any comments or suggestions are welcome 
8 Answers
This is an excellent idea! It seems to me that these good-for-nothing sub-humans are basically lazy people with no life, so they take the path of least resistance. Why make it easy for them?
It's like marriage> It should be more difficult to enter and easier to exit.
I have noticed that these massive spam attacks increased in frequency ever since the admins put out the directive that we could no longer require new prospective members to fill out their profile. All that was required at the time was gender and proficiency levels in English and Spanish. It was also hoped that if their native language was other than English or Spanish, that they would state that as well.
Besides this, I think that every would-be member should also give a short bio, telling us about themselves. I did that the first day I came on board back in November of 2014.
Thank you, Jellonz for your well thought-out and timely comment. I hope you get a zillion votes, and lots of answers.
I agree with all your suggestions but we have to get the management to agree also.
We always used to ask newbies for their full profile before we accepted them but
some members made objections to this so it was discontinued , I think that this
was a mistake .So let us see if we can get more members agreeing with your proposals .
A few thoughts from a Devil's advocate persepctive.
the fifteen second delay is to prevent posts of any kind from being duplicated, and has saved me several times when the system is slow, and I pressed it again, thinking I must not have hit it right- I have learned to look for the spinning wheel. It can be downright annoying with some of the comments, as those can be fast, and we can delete them ourselves if we screw up.
One of the focuses of the site (per the perspective of the owners) is ease of gaining new members, they want nothing to make it difficult for people to join, that is why campaigns to require they fill out their profile always fail. The owners want joining as easy as possible- no barriers- a name and an email and you're in.
Your thoughts all would make the community better for us, but keep in mind, we are not paying, and the payers want what maximize profits. Like I tell my wife when she complains about the ads on TV- would you rather pay for it yourself? I don't know what counts for their business model- repeat visits by old users, or new users or just total hits, but whatever it is, suggestions will go nowhere if it is not taken into account. It is a business. And I do not know what percentage of the income comes from us?
Excellent idea Jellonz. The thing is though (as you rightly say) these are spammers, not hackers. Spam is really easy to stop/control. There are a number of ways to do this and hundreds (thousands maybe) of websites of this type on the internet control it.
I can't believe that a site such as this, with all the traffic it receives, has such ineffectual safeguards against spammers.
Edit, just seen the post from SD, hopefully they are now on the case!
Thanks for taking the time to share these great ideas everyone, and to jellonz for starting the conversation! Our team is actually already considering some of these tactics, including the time gap between posts, but it's great to hear some things that we might not have considered.
As we continue to build new features for SD, the reasons why people sign up for free accounts vary greatly. Many people just want an account in order to receive the word of the day emails and save the occasional score from a quiz or a set of flashcards. Most of our registered users will never even post anything in the forum, which is why we don't want to require that all of our account-holders fill out details like fluency level or a bio. Some people don't feel comfortable sharing that information and want to just use other parts of the site, apart from the forum, so we don't want to put them off by demanding extra information like that.
Our goal with the resolution to this spam problem is to find a solution that not only keeps the spammers away but also doesn't deter all the different types of great users we do have from using the site as they desire to improve their Spanish and English.
Please understand that what jellonz said is absolutely true: the people posting these spam posts are just being rude and annoying. These posts can in no way infect your computer, and no hackers have gained access to any of your information through SD. Your safety and enjoyment on SD are always our team's highest priority. We wouldn't get to do the work we love to do if no one used our site.
So while you may not always hear directly from us, please know that we always have the millions of users of this site across the world at the top of our priorities for every decision we make.
Stephanie SD Team
Unbelievable !!
Why not use that security feature that many bank websites use. When a user first logs on after registration, a box appears with a word or just random characters that the user must type to gain access. The letter/number combination is not “in line”, the fonts may be different, they may appear to be hand written, etc. The code is random and the user must type it exactly (i.e. “Gu2
