I have a question about email verification and user registration. The other day I created accounts for both Twitter and Facebook and I realized in either of them I was asked to fill a CAPTCHA. And even before validating my email account I could already use my account and add friends and all that. Supposedly I had limited options, but didn't even realized it.
My question is, as I'm building a website with user registration myself and I'm planning on use this method, how to deal with spam, "junk accounts" and people that don't validate their email accounts?
And more realistically, I was thinking either asking for a CAPTCHA and an email (and let users verify their accounts later on) or asking for an email and waiting for it to be verified (with a link or a temporal password) right away. In this case, which is the best option? Thanks!!
It's debate question which is good or bad. I personally feel Use email verification by sending link on email account and verify that link on click. This will let you trusted user.
By the way captcha isn't bad. It will prevent automated account creation strongly.