[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Proprietary reCaptcha
From: |
bill-auger |
Subject: |
Re: Proprietary reCaptcha |
Date: |
Sun, 1 Nov 2020 11:20:49 -0500 |
On Sun, 01 Nov 2020 00:09:03 +0100 Andrea wrote:
> I wonder if someone knows a free library or script that implements
> captcha so we can suggest it as a replacement.
i wondered that myself some time ago, and i searched the web,
and asked around; and no one knew of any - there are some good
reasons why that would be the case though
firstly, captchas are greatly over-rated - they do not prevent
any person or robot from registering - their effectiveness is
mainly that they impede the number of registrations within a
given time period - the same could be accomplished with a small
guard in the server code, which logs IPs and refuses
registrations, if there has already been (say 2) registrations
from the same IP block within the previous (say 24) hours - for
the vast majority of self-hosted services, that would be nearly
as effective as a captcha, and the chances that legitimate users
would ever trigger the guard are negligible
secondly, the more popular some captcha software is, then the
less valuable it is, because popularity increases the chance
that someone has written a ready-to-use cracker for it - the
most effective captcha is one that is custom-made for, and is
used by only one website - that is the option i chose; because
we did not want to log IPs
if anyone needs a brief diversion, feel free to try it
https://labs.parabola.nu/account/register
again, that was not to suggest that anyone uses the parabola
captcha on another website - it is best if such magic tricks are
_not_ re-used widely
- Re: Proprietary reCaptcha,
bill-auger <=