Cake day: July 5th, 2023

  • I’m not a SQL wizard and I’m typing from my phone but couldn’t you just do something like,

    select name from sys.tables where name like 'wp%users'
    

    To get the table of WordPress users, then do whatever bad things you want to it?

    I get that that’s an extra step, and I suppose in the example, even though “best practice” is to add random characters, if everyone knows that, then best practice for bad people’s scripts would probably be to add an extra query.

    But my real point is more about adding obfuscation for your developers and server owners. If you’re making their jobs harder for no benefit, is it a good change?

    I also wonder about adding obfuscation and it causing issues when debugging.

    I think adding obfuscation is fine, but it’s important to be careful when it comes to your developers and debugging.