[quote]Ip bans do not solve any problems. They only cause problems that would need to be fixed later. [/quote] You make a lot of good points, I really only want IP bans to try and stop the crazy guy who has been spamming the forums for days now. He's made many accounts and created tens of threads. I doubt that IP bans will stop him, but it will make it harder and slower to create accounts. [quote]I think the best solution would be to add forum moderators, in particular finding some who are available during the off hours when the rest of staff aren't around.[/quote] I 100% agree with this. Both @Meta and @starsmiley are in north america, so if someone in australia or something posts something innapropriate and/or malicious, it won't get dealt with until the morning. Right now, we have unbanned bots in the introductions thread that have been there for 8 hours. I also think there needs to be more than 2 site staff.

[quote=hahhah42]SMS is easily the weakest and should be avoided.[/quote]

@hahhah42 That link was a great read! Yeah, in that case I would stay clear from using SMS.

Having forum mods in different timezones certainly wouldn't hurt, so I don't see why not. They could even be volunteers like a few previous mods in the event Elo doesn't feel like opening up the piggybank.

I don't have much knowledge about cyber security to make an assumption, but would it be fine if SMS was used just for commenting rights and DM rights, as it is the only form of social interaction on the website, but not for direct account access? I know, it would be an extra hassle, would be an extra step for moderators to comment on stuff ( While I honestly think it's not a big deal, but i'm not a moderator to have an opnion on that) and the phone numbers are a sensitive info nowdays with everything connecting to our phones, but it is one of the only ways I can think of efficiently stopping one person who isn't educated on how to fake a SIM and get SMS using that, and since in order to use a SIM service you need to provide your Social Security Number (at least that's how it is in my country), even buying multiple SIM chips wouldn't do the trick.

Yes, SMS isn't safe at all for account protection, but I've seen stuff like Discord and (I think) twitch have limitations for certain servers or channels, where in some of them the moderator can add a 2FA requirement where the person needs to register their phone number and input a code from SMS, which allows them to talk in the server. I believe this is separete from the regular Discord 2FA for account access, which is why I suggested SMS. The main issue I see is not trusting the website with your number, which is fair and I probably wouldn't either.

Again please correct me if I'm poorly informed, It just saddens me we are witnessing a severe case of... you know what. And we can't do nothing to protect the victim(s). Of course they are the ones who need to seek help, but it would be so nice if there was a solution to prevent this situation to happen again in the future to anyone.

[quote=KasumiGin]would be an extra step for moderators to comment on stuff ( While I honestly think it's not a big deal, but i'm not a moderator to have an opnion on that[/quote] Bear in mind that people use the leaderboard-specific forums to request new categories, clarifications/changes to the rules, issues with a run on the leaderboard, etc. Moderators should be able to reply to these threads. I only moderate very low activity games, but such threads still come up maybe once a month. People who moderate more active games may need to use the forums more, assuming they don't redirect users to discord.

Regarding SMS—I'm more paranoid than the typical person about sharing information, but my main issue with sharing my phone number is that pretty much every bank/financial site requires that information, so sharing it elsewhere gives malicious actors a better chance of getting hold of it and attempting to use it for social engineering hacks where they could do the most damage. (Flip side being, if my bank gets hacked, my phone number getting leaked is the least of my concerns.) As such, I do not give my phone number to any non-financial site at all, including youtube. That's why I can't upload vids longer than 15 minutes there.

Anyway, if forum moderators aren't going to be added, another potential solution would be offering a report button for individual posts and putting a setting on new/low activity accounts that automatically and provisionally bans them if a sufficient number of people report one of their posts (say 5 or so). This would catch most bots & trolls, but avoid letting trolls wield it against established accounts—5 of us could report the stalker and get his latest account banned within minutes, but he wouldn't be able to create 5 accounts to ban his target.

[quote]If anything, it'd be nice for token-based 2FA, like Authy, to be used. The one downside to this is not everyone has a smartphone, more than likely a lot of the younger users here.[/quote] They could add TOTP authentication as an alternate to the email authentication, allowing moderators to choose between them. That was my request in the thread linked above. Plus, there are desktop options for it, including Authy.