2015-02-17, 12:34
(2015-02-17, 12:26)takoi Wrote: I think the usability can improved here. Tbh email setup is too cumbersome, and those urls are too long to remember so you have to write it down anyway. One thing I've seen getting very popular recently (especially as one time security codes) is using two randomly generated (but real) words that together doesn't make any sense. That way it will be very easy to remember. We could use that in place of the ids and urls. So when you upload the log it say 'give these words to the developer' or something. This will ofc require support from backend..
"Email setup" is totally easy: On first start the add-on just asks for your email-address, thats all.
(2015-02-17, 12:26)takoi Wrote: On security: we can at least add api keys and obfuscate it in either the addon or in core. That will at least take care of the lazy spammers.I am pretty sure that obfuscating won't help here. I know there are multiple clones of my code/add-on used "by the bad guys". They will just copy my code (its GPL, so its by design). TBH I could write an DDOS tool using my code in about 10 minutes.
Regarding spam/ddos, I only see the captcha possibility - thats what it is designed for.
