Hi Georgiy,

The new installation currently does not support the link-via-IRC method, I imagine that we could reinstate it.

Last time we discussed that, there was some concern as to whether link-via-IRC may be "too hard" for legitimate users, given how few people know about/use IRC these days.

AFAIR we had a link to IRC via web there.

I guess anything less obscure is too easy for the bots,
especially if there is no media break in there
(ie a http based captcha or so).


I could imagine having the client solve some challenge,
eg. finding some SHA256 HMAC key so that a server generated random token
comes up with 24 zero bits in front or so --
perhaps that's too expensive (ie. runs into timeouts) for spammer bots?

Currently, GitLab registration is behind a combination of Anubis and reCaptcha.

Anubis provides a challenge like the one you described (N zero bits of a hash).