Google reCaptcha sucks

[davidpbrown]

Just another way Google does evil.

I'm an not a robot.. why must I work for Google! 😬

tdlr; stay logged in because logging back in is a pina.

[bL4nkcode]

You can go here to bypass google captcha https://bitcointalk.org/captcha_code.php

Just make sure you don't share the login link to anyone for security reason

[logfiles]

tdlr; stay logged in because logging back in is a pina.

It's also much more of a pain in the ass if you are Tor browser or VPN fan. There is some degree of hatred towards Tor browser by cloudflare.

[libert19]

Bitcointalk should use geetest captcha like binance, it's much less annoying.

[ChuckBuck]

Maybe you already know, but if you only use one browser and one PC, simply log in and check the "always stay logged in" box, you will not need to deal with any future reCaptcha. . Except that you own more than one account  I don't know what browser you use, but personally, I use Google Chrome and I never have to deal with any reCaptcha, I click it simply and it is verified, there's no need to verify images. It makes me feel nothing difficult here.

[mindrust]

Google recapcha sucks and it is evil but it is a necessary evil.

If people weren't trying to use bots to post shit here and on other forums, there wouldn't be any google captcha. It didn't exist few years ago.

I am not even sure if it works against all botters though. They probably found a way to bypass it too already.

[UserU]

Maybe theymos should consider hCaptcha since CloudFlare already move from reCAPTCHA to hCaptcha.


Your suggestion can't be applied to Tor Browser user, unless they're willing to change configuration of Tor Browser to remember cookies (comes with serious privacy implication though)

One gripe about hCAPCTHA is that their window is thicc! It takes like almost twice the size of reCAPTCHA.

[Lucius]

Maybe theymos should consider hCaptcha since CloudFlare already move from reCAPTCHA to hCaptcha.

I suggested the same captcha back in 2019, but I didn't get any response from admin, which means that (at least then) he didn't consider it an acceptable solution.

I know one captcha which is one of the last to appear on the market, and it was quite similar to reCaptcha, but recently has become quite difficult for most users, and is becoming less and less used.
https://www.hcaptcha.com/

As I commented then, this captcha can be quite demanding, similar to reCaptcha, sometimes a lot more demanding, which probably depends on user IP address and number of captchas user solve in some period of time.

Why is reCaptcha still the first and only choice :

reCAPTCHA is the only effective one. I just looked at FunCAPTCHA, and the rotating-pictures thing would be pretty easy to train a neural network to solve. Also, the language on the front page makes it look like it's targeted toward enterprises who'd have no problem blocking Tor. I bet they'll start blanket-banning Tor once they start losing the arms race against attackers.

[Asuspawer09]

tdlr; stay logged in because logging back in is a pina.

It's also much more of a pain in the ass if you are Tor browser or VPN fan. There is some degree of hatred towards Tor browser by cloudflare.

I've tried logging in to an unsecured computer or a rental computer and download the tor browser just to make sure.

This Google reCaptcha plus slow internet speed would annoy you for real, but I guess google is justs having its safety measures and avoiding the log-in of bots on the website so for other security reasons this is useful.

[UserU]

This Google reCaptcha plus slow internet speed would annoy you for real, but I guess google is justs having its safety measures and avoiding the log-in of bots on the website so for other security reasons this is useful.

Have you ever experience being blacklisted by reCAPTCHA?

It's a nightmare when the images just take forever to load and they immediately fail you even after submitting the correct results.

[Welsh]

Its annoying as I'm not a huge fan of Googles way of handling things a lot of the time. The privacy concerns which come with using Google services sticks out in my mind, but despite this fact their services are hugely the better of the bunch, and sometimes there has to be a compromise. I'd say there's much better alternatives to their mailing system, and their DuckDuckgo's search engine is much more consistent these days, but I'm not tried any other service which is clearly better than their captcha system.

[Jawhead999]

They probably found a way to bypass it too already.

I think you're right, I reminded about the Most time online in this forum. It's insane to stay in this forum for 7765 days. I'm not believe if they're human, probably a bot


https://bitcointalk.org/index.php?action=stats

OP, Have you encountered like this?

[ChuckBuck]

I think you're right, I reminded about the Most time online in this forum. It's insane to stay in this forum for 7765 days. I'm not believe if they're human, probably a bot

LoL  It is more than 21 years, meaning that these accounts have always been active on this forum since this forum started operations  Is it possible if a user logs in by clicking on the "always stay logged in" box? I don't understand how they keep a bot running for 21 years, I also don't understand how a person can stay on the forum so long. Really curious 

[Jawhead999]

-snip-

From what I observe, the maximum of "always stay logged in" is 3153600 minutes, so it's mean 2190 days only. Hmm
You can try also, before log in... click the always stay logged in and type wrong password or username

[ChuckBuck]

Have you ever experience being blacklisted by reCAPTCHA?
It's a nightmare when the images just take forever to load and they immediately fail you even after submitting the correct results.

According to your description, the images will appear forever even though I have chosen them correctly. I experienced it a few years ago, almost five years ago when I was accessing the internet at a game center. It never stops, even if I choose right but it still reports wrong. Definitely I am on their blacklist  (that game center)

From what I observe, the maximum of "always stay logged in" is 3153600 minutes, so it's mean 2190 days only. Hmm
You can try also, before log in... click the always stay logged in and type wrong password or username

I tried, it's like what you put out. So bot is the most accurate solution. But how can they maintain the bot for 21 years, and what is the purpose? There are many people with equivalent login time 

[Chikito]

The main reason why the log in captcha is necessary at all is that whenever some site's username/password database is leaked anywhere on the Internet, hackers would come and try all of those logins here, grabbing a few accounts from people who shared passwords, and sometimes slowing down the forum from the rapid barrage of login attempts. These codes are sufficient for preventing that on any large scale. For individual users, the main thing is to not share passwords, not even with minor variations between sites.

I am not even sure if it works against all botters though. They probably found a way to bypass it too already.

2captcha tool can bypass Recaptcha

LoL  It is more than 21 years, meaning that these accounts have always been active on this forum since this forum started operations  Is it possible if a user logs in by clicking on the "always stay logged in" box? I don't understand how they keep a bot running for 21 years, I also don't understand how a person can stay on the forum for so long. Really curious 

this something like a bug or some one use autorefresh tool to keep online. any reason, bitcointalk statistic isn't updating along time ago,  Administrator disabled it. you can see forum history last update is December 2017, same time theymos posting https://bitcointalk.org/index.php?topic=2579287.msg26277509#msg26277509

this many time discuss here
https://bitcointalk.org/index.php?topic=5179823.0
https://bitcointalk.org/index.php?topic=3173586.0

[UserU]

According to your description, the images will appear forever even though I have chosen them correctly. I experienced it a few years ago, almost five years ago when I was accessing the internet at a game center. It never stops, even if I choose right but it still reports wrong. Definitely I am on their blacklist  (that game center)

It's actually tied to your Google account tho. The moment you logout or go incognito, it functions normally.

[ChuckBuck]

this something like a bug or some one use autorefresh tool to keep online. any reason, bitcointalk statistic isn't updating along time ago,  Administrator disabled it. you can see forum history last update is December 2017, same time theymos posting https://bitcointalk.org/index.php?topic=2579287.msg26277509#msg26277509

Thank you for this useful information 

It's actually tied to your Google account tho. The moment you logout or go incognito, it functions normally.

Really? I did not experience that with my Google account. I never log in to my Google account on strange browsers (game center), it can be a hassle. I have the above problem when I am using anonymity, this may affect because of another factor, i dont know. For my Google account, it has always been alright from the start, now, I don't even need to go through the verification process, just 1 click to get it 

[UserU]

Really? I did not experience that with my Google account. I never log in to my Google account on strange browsers (game center), it can be a hassle. I have the above problem when I am using anonymity, this may affect because of another factor, i dont know. For my Google account, it has always been alright from the start, now, I don't even need to go through the verification process, just 1 click to get it 

Yup, my account was blacklisted for 3 years. Back when reCAPTCHA dominated all gambling and faucet sites, I nearly flipped the table each time I attempted to claim. Maybe because I acted like a bot 🙈

That's probably reCAPTCHA V3. It will detect if you're a bot, else it won't show up.

[mprep]

<...>
I am not even sure if it works against all botters though. They probably found a way to bypass it too already.

Captcha isn't meant to prevent attacks, it's meant to make them much more expensive to scale. Blasting thousands of HTTP requests costs next to nothing. Having each of those requests tied to a reCAPTCHA solve makes it around $1.5-$2.5 per thousand requests. A rather small cost for spam-based promoters (though if you're doing it internet-scale, it does add up), a massive cost for login bruteforcers (the main culprits responsible for the addition of reCAPTCHA to the login screen).

Bitcointalk should use geetest captcha like binance, it's much less annoying.

Since their website doesn't mention a specific price, I'd assume it's aimed at "enterprise" customers. Meaning, it'd cost a crap ton + not be targeted towards privacy-centric websites (e.g. by blacklisting TOR exit node IPs).

Have you ever experience being blacklisted by reCAPTCHA?
It's a nightmare when the images just take forever to load and they immediately fail you even after submitting the correct results.

According to your description, the images will appear forever even though I have chosen them correctly. I experienced it a few years ago, almost five years ago when I was accessing the internet at a game center. It never stops, even if I choose right but it still reports wrong. Definitely I am on their blacklist   (that game center)

AFAIK that's intentional. If reCAPTCHA has deemed you (with extremely high likelihood) to be a bot, it'll pretend that you still have a chance while auto-failing any of your attempts. The website you were the trying to solve the captcha in might've also selected the more strict security setting when setting up their reCAPTCHA integration.

I also have encountered cases where if you go through several attempts at completing the captcha (which you know you've done perfectly, yet they "failed"), it'll let you through.

<...>
Back when reCAPTCHA dominated all gambling and faucet sites, I nearly flipped the table each time I attempted to claim. Maybe because I acted like a bot 🙈

That's probably reCAPTCHA V3. It will detect if you're a bot, else it won't show up.

The more reCAPTCHAs you fill out (even if you do so successfully), the more suspicious you are to Google, the harder the captcha gets (up until you get secretly marked as a bot). Also, chances are that wasn't v3.

There's a way for the v2 to be implemented that it isn't even shown if no action is required from the user's end (the equivalent of clicking on it and the check mark immediately popping up). v3 silently collects behavioral data in the background, gives the website a score of how likely it is that you're a bot and then the website decides what it wants to do (deny an action, require manual review of said action, serve you up with a reCAPTCHA v2, etc.). I assume v2 also collects behavioral data though probably much less (since Google recommends you put the v3 on every page so that it could "get a feel" for how a regular visitor on your site behaves).