I’ve been noticing an influx of users with anonomized usernames (ie: fjdasklfpudiosa722104891fdaf20j.srv.us).

As a moderator this concerns me because it immediately triggers a ‘this is a bot or nefarious actor’ instinct. Is there any reason not to be wary of these accounts?

  • paequ2@lemmy.todayEnglish
    3·
    1 day ago

    😆😂🤣 Uuuuhh… Aaaah… I normally generate a random password and use it as my username for most services. Like even my bank.

    This is because I’ve realized the username is mostly useless and is just a handle for my account. It doesn’t matter to me if my username is jsmith, meow123, or kekxbek. In fact, it’s easier if I don’t have to come up with something novel or cool. Either way it goes in my password manager, so it’s not like I have to even remember it.

    I’m a real boy. I promise. Not a malicious bot.

    Although… If I were a malicious bot, that’s exactly what I would say! 😲

  • x00z@lemmy.worldEnglish
    7·
    2 days ago

    Privacy.

    You can be suspicious but shouldn’t just outright start banning them.

  • swelter_spark@reddthat.comEnglish
    5·
    2 days ago

    I always use randomly-generated user names. I try to avoid strings of random numbers and letters, but coming up with reasonably nice-looking random names is time-consuming, and some people might not care that much.

    • AA5B@lemmy.worldEnglish
      1·
      2 days ago

      Have you found a convenient way of generating those? And does it integrate with any password manager you might be using?

      I use Apples “Hide my email” with the password manager so I always have a randomly generated email and randomly generated password and they’re managed together. However there’s not really support for a username distinct from but in addition to email, nor a way to generate those randomly

  • AA5B@lemmy.worldEnglish
    2·
    2 days ago

    It’s actually a good idea - I need to figure out how to do that.

    For the last several years I’ve used randomly generated email addresses for every account. I can turn off forwarding when they’re inevitably leaked to spammers and there’s one less thing for demographers to aggregate data on me with. That works well when every service insists on a working email address.

    But then I get lazy and use a more obvious username so I can remember it. I need to be able to auto-generate those as well

  • mEEGal@lemmy.worldEnglish
    511·
    4 days ago

    sounds reasonable, because this definitely looks like low-effort bots

  • symbolic@infosec.pubEnglish
    38·
    4 days ago

    I’ve been using Fedi for a long time and from the very beginning I’ve been afraid of spam and bots ruining it, at least temporarily. Spam is still a problem with e-mail, and it’s been around for 40 years and they’ve developed very sophisticated anti-spam mitigations for it.

    • James R Kirk@startrek.websiteEnglish
      2·
      2 days ago

      If an instance has a lot of spam, admins tend to notice and block it. In the future it’s likely admins will have more tools too, but for now the system works pretty well.

  • ddh@lemmy.sdf.orgEnglish
    17·
    4 days ago

    No more wary than, say, CriticalBadger or SuccessfulCrab45. Some of the more obvious bots have very normal-looking names.

  • Kualdir@feddit.nlEnglish
    26·
    4 days ago

    Technically it can be someone who just wants to be anonymous, but honestly they could at least use something readable

    • Burstar@sopuli.xyzOPEnglish
      3·
      4 days ago

      Which the reason afaik they have such a weird name is:

      Wierdly, when I click on the link I get a ‘server cannot handle the request error’.

      Regardless, I agree that it ‘acts’ like a legit account, but still think it’s sus as hell. That entry in the modlog is from today, but I’ve definitely handled similar accounts in the past, and seen others do so elsewhere.

      • fxomt@lemmy.dbzer0.comEnglish
        101·
        4 days ago

        Sorry bout that. Instance was down for some time.

        Anyways here’s a mirror just in case

        That entry in the modlog is from today, but I’ve definitely handled similar accounts in the past, and seen others do so elsewhere.

        I didn’t see any of that, but i’ll take your word for it. Still, this is most likely, if not definitely a real account.

  • e0qdk@reddthat.comEnglish
    14·
    4 days ago

    I picked an RNG name since my old common username (from reddit, etc) was not available when I started on kbin.social (RIP) and I couldn’t think of anything else I wanted to be called. I deliberately kept it short though. Not sure what to make of other RNG names – esp. long unintelligible ones – but I’ve seen at least one account that I think is legit which has a long, bizarre RNG-looking username and a non-English display name, so 🤷️

  • user@startrek.websiteEnglish
    141·
    4 days ago

    You’re mostly right – those names sound like overkill. However do note I have been using Bitwarden’s Name Generator (random noun + number) and I’ve evolved the scheme a bit ( it is now always ‘user’ and I keep adding numbers until the generated username is available ).

  • hisao@ani.socialEnglish
    10·
    4 days ago

    My first guess with this would be: they were read-only, then they wanted to post something or write a reply to someone and at the time considered it to be a one-time thing and created sort of “throwaway account” for that specifically, but then they kept visiting the place and it kind of just stick with them. Yet again, my guess might be completely wrong. But at least this is one of the possible motivations behind such accounts.

  • crawancon@lemm.eeEnglish
    3·
    4 days ago

    maybe we could create a suspicious account review channel and submit them there for folks to do some digg’ing.

    not sure about comms with other Admins but it would be nice to harmonize efforts amongst them a bit more/better.