I created an account on mastodon.social a few days ago. A day after creation, my account was suspended. My appeal was denied and no reason was given. So I assumed mastodon.social was not accepting new accounts, so I moved over to mastodon.online and created an account there. Today that account was suspended as well, again without reason. I didn't post anything from either account. My only actions were to follow a few people within tech.
Looking at previous posts here, people are laughing at complaints about difficulties of joining mastodon and pushing it away as a simple task. I have now attempted to join two of the highest suggested servers of mastodon and gotten suspended from both. I am uninterested in shotgunning servers until I find one which doesn't suspend me without reason.
How is the onboarding process of mastodon supposed to work if the top suggested servers are suspending new accounts without warning or reason?
I just don't see how the username is an attack vector. The sign-up has email verification and CAPTCHA. Requiring the username to be something sensible seems excessive.
But honestly, I don't know. Maybe this stops a lot more bot farms than I'd expect.
Captchas and email verifications can be easily bypassed.
Emails, sure. Captchas require a fair bit of elbow grease. Generating a random username which looks fine is nothing in the landscape of bot protection.
This does not make suspicious random usernames not spam. They generally are spam accounts.
A recent spam I just received five days ago was from @oyPhFrxPx0@mastodon.social.