Hi,
So I'm trying to track down the cause of an issue that we have been having which is Mystery accounts. Every couple of days we end up with an account that was created on the web that has a patrons first and last name (sometimes Jubberish) and email address, but the postal address says "Web Added" and the postal code is 99999. These accounts never have orders and are generally just useless information sitting in our constiuences records. I have read in some forums a similar thing can happen if a patron does not complete the registration process, but I can not seem to recreated this. It stops me anytime I have not entered information into the required postal information fields, but non of my attempts have resulted in one of these mystery accounts. Due to the fact that many of the names seem a bit foriegn and the email addresses are often email services I have never heard of my thought thus far is that they may be addresses out side of the U.S. that are not being recognized by the system and then forcing through incomplete accounts. Has anyone else had this happening and/or have any thoughts on this?
Thanks
Hi Patrick -
We had a problem like that and determined that we were having bots try and create accounts (most likely for nefarious means). We added some behind the scenes checking to our account page which. We added a "jsDetect" blank form field in the registration page. The whole thing is then encoded so it's even less obvious what's going on.
This is not foolproof... anything that makes things easier for users is also going to make it easier for a hacker, but it at least prevents a simple script from creating users.
HTH,
Heather