←back to thread

I was banned from the hCaptcha accessibility account for not being blind (2023)

(michaels.world)
405 points blindgeek | 5 comments | 18 Nov 24 10:13 UTC | HN request time: 0.851s | source
Show context
isodev ◴[18 Nov 24 14:57 UTC] No.42172859[source]
Why are captchas even a thing still? If folks want to scrape something or build an automation around something, then why not let them do it? They still have to respect the system they're logging in. Not to mention the privacy perk of not exposing your visitors to some captcha service with a dozen or more data subprocessors.
replies(7): >>42172909 #>>42172918 #>>42172983 #>>42173046 #>>42173133 #>>42173317 #>>42173643 #
stanmancan ◴[18 Nov 24 15:02 UTC] No.42172918[source]
I had to add a captcha to a registration page a couple years ago. Bots were signing up for thousands of fake accounts with other people’s email addresses. The email confirmation we sent would then get reported as spam since the recipient didn’t sign up for our service. Our email provider suspended our account for high spam reports.
replies(2): >>42173176 #>>42174348 #
1. Spivak ◴[18 Nov 24 15:23 UTC] No.42173176[source]
I hope the other lesson was the good email verification hygiene of making the user take an affirmative action and click a "verify email" button rather then send it unsolicited.

You essentially had an open public unauthed form that would send an email to any address you typed in it. Surely that alone raises some eyebrows.

replies(3): >>42173445 #>>42173597 #>>42175621 #
2. toast0 ◴[18 Nov 24 15:44 UTC] No.42173445[source]
How do you authenticate a verify email button?
replies(1): >>42173553 #
3. klez ◴[18 Nov 24 15:54 UTC] No.42173553[source]
It took me a while to understand what GP was trying to say, but I suppose they're thinking of one of those sites where they let you create an account, will let you in and then nag you for a while about "verifying your email address" by clicking a link that will actually send you an email. An unsophisticated spambot won't probably care enough to click through that.
4. binarycoffee ◴[18 Nov 24 15:57 UTC] No.42173597[source]
Not a solution. Verification emails alone got a small web site I set up to be blacklisted within days. Most of the unwilling recipients presumably couldn't understand the language the verification email was written in and reported it as spam.
5. stanmancan ◴[18 Nov 24 18:54 UTC] No.42175621[source]
How would adding an extra button change anything? Right now when they register we send a “verify email address” email. Adding an extra step of “click a button” makes no meaningful difference.