(michaels.world)

408 points blindgeek | 1 comments | 18 Nov 24 10:13 UTC | HN request time: 0.199s | source

Show context

isodev ◴[18 Nov 24 14:57 UTC] No.42172859[source]▶

Why are captchas even a thing still? If folks want to scrape something or build an automation around something, then why not let them do it? They still have to respect the system they're logging in. Not to mention the privacy perk of not exposing your visitors to some captcha service with a dozen or more data subprocessors.

replies(7): >>42172909 #>>42172918 #>>42172983 #>>42173046 #>>42173133 #>>42173317 #>>42173643 #

stanmancan ◴[18 Nov 24 15:02 UTC] No.42172918[source]▶

>>42172859 #

I had to add a captcha to a registration page a couple years ago. Bots were signing up for thousands of fake accounts with other people’s email addresses. The email confirmation we sent would then get reported as spam since the recipient didn’t sign up for our service. Our email provider suspended our account for high spam reports.

replies(2): >>42173176 #>>42174348 #

Spivak ◴[18 Nov 24 15:23 UTC] No.42173176[source]▶

>>42172918 #

I hope the other lesson was the good email verification hygiene of making the user take an affirmative action and click a "verify email" button rather then send it unsolicited.

You essentially had an open public unauthed form that would send an email to any address you typed in it. Surely that alone raises some eyebrows.

replies(3): >>42173445 #>>42173597 #>>42175621 #

1. stanmancan ◴[18 Nov 24 18:54 UTC] No.42175621[source]▶

>>42173176 #

How would adding an extra button change anything? Right now when they register we send a “verify email address” email. Adding an extra step of “click a button” makes no meaningful difference.

↑

I was banned from the hCaptcha accessibility account for not being blind (2023)