Bitcoin Forum

Just want the admin to know that this "security feature" is a real pain in the ass. It sometimes takes up to 5 minutes to finally pass.  >:(

I'm not sure why you've put quotation marks around security feature, because that's exactly what it is. It prevents bots from registering, or logging in automatically, and spamming up the joint. Of course this only really prevents them.

Unfortunately, the way the forum is in its current state if we were to remove this security feature then we would have much more problems than we have with it now.

Sometimes compromises have to be made, and I would rather have to fill in a captcha than have to report more spam than there already is.

If you are using tor browser then you face this, at least it happens with me when I use tor. The best thing you can do is, (if you are using a private computer) keep the logged in feature checked at the time of logging in.

I don't understand why people have a problem with this. I would have thought that with my erretic mix of network connections, and variety of computers, that I would hit this a few times. I don't remember ever having had a captcha request with this site.

Judging by the number of spambots I've seen (and had banned), it doesn't stop the bots.

A "normal" internet connection shouldn't have much problems with it, reCAPTCHA is terrible when you use Tor. I've basically giving up trying to access sites with reCAPTCHA through Tor. It can take up to 10 minutes, and you'll still end up with a time out after clicking many captchas that load very slow.

This is terrible when you clicking the incorrect properties mentioned in the captcha you see on the webpage while you logging into the forum mate. If you done it perfectly then there is no problem in logging in to the account bro.
So you just be careful on that and then you will not get any issues. For this and all it is not seems good report with moderator.

They will always find ways to register and spam the forum with those useless ICOs. I've seen and reported those bot accounts but they keep sprouting like mushrooms. What more if those captchas are not around, we could be seeing a lot ICO's always on the first page bumped by those bots. If there's another way to prevent them from posting automatically I would like to see them implemented around the forum. Like we need to solve a captcha for every post that we make.

A single account will not suffer from this problem.
Let's assume the scenario is that it takes about 10 minutes to use your browser with high privacy, clicking "Always stay logged in" will enable you to browse without restrictions for a period.
You can access multiple devices "It is easy to bypass Captcha using real addresses" without the effect of that feature "Always stay logged in." [do not Logout.]

I have to solve reCAPTCHA challenges via Tor all the time, and while it definitely takes longer than normal, I can still do it within a couple of minutes 95% of the time. Sometimes reCAPTCHA will totally block an IP address, or put an IP address onto a near-impossible level of difficulty, but it's rare, and the solution to that is to just get a different Tor exit.

That's why I was careful on how I worded that. I believe that it prevents some bots, but obviously doesn't completely stop them.

If you don't log out often then you wouldn't. Plus, Captchas on Tor Browser can be a real pain for what ever reason. It only takes requesting a new tor circuit for the site, but that can take a few tries occasionally.

Yeah, but try, and disable captchas, and see how far up shit street we would be then. At least with the Captchas it requires time, and effort to do it. Maybe they have a way of paying for people to do the work for them like the old text captchas had, but it still requires an investment, and at least stops certain people from exploiting the forum.

Every post would be annoying for people on Tor connections think. But, adding the text captchas could be a good idea, and would at least require an investment from the people bumping. I know full well how bad the altcoin section is, and how over run it's getting, and often find myself spending way too much time trying to fight it. No doubt I'll continue doing so though :P

Will this change with the new software a lot of people using tor now? Shall we still use reCaptcha or maybe an alternative?

 I gave up using tor some time ago, as I couldn't log for more than half an hour trying, and then read the comments about the problem.

I'll give it a try again with a different exit, as I get back from vacation :)

IF you are using TOR you can do a symple trick, to trick the system.
One you completed the 1st captcha wait 10 second, and go with the second and so on, you will increase you success ratio. ;)

5 minutes? Why too long? I know that solving captchas before logging in here changed in order to provide additional security, as far as I remembered it was only 3 - 4 captchas before but now it goes up to 5 - 6 . But despite the changes, it's still hassle-free for me simply because it's easy for a human to solve it. Maybe you are experiencing "reconnecting to captcha" that's why it took you 5 min. (probably due to slow internet). Just a tip, check the "always logged in" and do not delete the "forms" in the settings of your browser.

I don't use Tor and I've run into situations like this when my wi-fi connection is lousy.  You really have to stay logged in to avoid this problem altogether.  I understand that not everyone can do this, because of being on a shared computer or whatever, but I don't think Theymos is going to do away with this particular security feature when the overall security on bitcointalk is pretty bad as it is. 

We used to have a real problem with bots that would create new accounts and post total nonsense, but that was before the captcha was implemented--so I think it has certainly helped things.  It's an inconvenience, yes, but it's one of those things we all just kind of have to suck up and accept.

Well, that's how things work. Just keep trying until you successfully passed it. Let me tell you some tricks to prevent errors in Captcha.

1. Just make sure that you have a strong Internet connection, sometimes Captcha's keep showing errors because your Internet connection is way too slow. I've experienced it a lot when I'm having a turtle net.
2. If you don't want to face this Captcha every time. Just save your Bitcointalk.org's password in your browser. So that it won't be necessary to log-in everytime. But saving your password is obviously not safe if you're browsing Bitcointalk in computer shops. Your account might get compromised if left logged-in.
3. Just use a normal browser like (I highly recommend) Google chrome when browsing Bitcointalk. Using Tor sometimes gives an enormous number of errors when solving Captchas.
4. And the last but not the least. Make sure that you're a real human  :D Aliens and bots can't read Captchas, I'm afraid that you might be one of them.

 

I've just hit the captcha login. I'm using Ubuntu on a netbook, and the WiFi is at the supermarket, and it's slow and spotty. The captcha was no problem at all, just an extra couple of clicks - remembering the password was a bit more of a problem though. :)

That's one of the problems of saving it in your browser. If you switch computers after some time, you need to fire up the brain.

The thing with reCaptcha is the more of them you do the more difficult Google makes them to solve. The people complaining about the login to the forum captcha are probably running dozens of accounts and have to keep logging in and out all day.

Wrong.Where did you get that information from? (Being someone who constantly keeps digging deep in their new 'I'm not a Human' AI stuff, I'm pretty sure it doesn't work that way)

- > It all revolves around risk-analysis which is the underlying principle of reCaptcha.

- > I won't elaborate much but once the captcha is initialised on a webpage, that is the widget, information of user's browser is sent to the server.Data about site's cookies, Ip etc are also sent to the server where it is run through their 'risk-analysis-engine'.(I don't think this engine is open-sourced to know how stuff happens internally).

- > If verified successfully by the engine, a shared token along with  the IP address is sent back in the response.Additionally this resides in the browser as a cookie. If an IP is white listed,it doesn't matter how many accounts you use to login with the same IP, captcha re-captcha will always allow you to pass. Unless you are making a number of requests at the same time which often is the case when a DDOS takes place.

- > Basically, the first verification from a particular browser/IP/human checks which are ran through the risk-analysis engine decides if that IP should be white-listed.


Provided, they are changing IP's, using a VPN and or using incognito tabs. 

From experimentation. I've found if I keep to a low number I don't get challenged beyond the first tick. After that, if I do many in a short time they get progressively more difficult.

The rest of what you said is also true and I wasn't saying that was the only thing it uses but I'm pretty convinced from my own usage that it forms an important part of the risk analysis.

I have the same experience as TheQuin: captchas get worse and worse if you use them more.
I registered on this forum to post this:

The first few reCAPTCHAs per day, I can just click "I'm not a robot", and it's done. I have Gmail logged in (on the same browser). If I try this a few times, I have to solve it, and if I try it more often, it becomes harder.
The logic behind it seems to be that humans shouldn't be solving that many captchas per day, and if you do it anyway, it's suspicious.
If I try the same from a private window, I instantly have to solve the captcha at first try.

Were those really real captchas or you painted them? I doubt they were real and if by any tiny chance then I need to hire an alien to read them  :P

Those were real.

Holy hell  ::)

I have messaged the admin of a new captcha not sure whether it'll be implemented or not but that captcha is the easiest and best but. I have always hated recaptha it's a pain but finally there's a good solution, then again I'll leave it to the descetion of the admin if he feels it fit to implement or no. I'm not talking of solvemedia better than them easier, faster.

Being the best depends on which way you are looking at it. Being easier to solve usually makes it less effective against bots.

If you don't clear your browser's data (and not using private mode) you can be logged in for years (OK, for months, in a year time you have to upgrade and reinstall or change your PC anyway :) ), and you won't be bothered to log in and to solve a captcha/recaptcha.
The problem is (as were already mentioned above) when you need to log in again because of anything, you have to think hard to remember your password... (if it's not on the side of your screen on a yellow post-it, of course :) )

That's not true. Every website has a specific period for their session token to be valid. Some may keep it for week or maybe a month or two.Browser caches will be updated if session token expires and you'd be forced to log in again.
Well..it's a mind game you see. I can remember my passwords for 20+ websites. None of them are same or easily crack-able through brute-force attacks.

It happens when you where last active in other devices, left it logged in, then used it on other devices or browsers. OR you've cleared your browser's data and re-logged your account in.

________________

And, also I don't remember experiencing captcha as pain in the ass. If you are right what they require, it would be enough.

From my experience, it depends on your IP address, when you have a suspicious IP address, recaptcha will make it harder. When I use public computer I need to complete 8 captcha, and sometimes more before I can log in to my account. But when I use my own PC, it only takes 1/2. Try to use VPN it might help.

I don't know how it works but I haven't logged in since I wiped my disk to install Windows 10 a little under 2 years ago.