... or you'll need to stop using reCAPTCHA if you want to get any traffic on your Web site.
I know, people will slavishly knuckle under, but let me dream for a few minutes.
... or you'll need to stop using reCAPTCHA if you want to get any traffic on your Web site.
I know, people will slavishly knuckle under, but let me dream for a few minutes.
99.999% of people don't give a shit and don't even know what this means. They'll follow the instructions. These are the same 99.999% of people who press win+R ctrl+V enter when the captcha prompts them to. Because do this to see the dancing bunnies.
> press win+R ctrl+V
LOL is this real?
I guess yes, because yesterday ReCaptcha asked me to screenshot a QR-code with the mobilephone :-D
It’s a common thing for malware. But people are going to be more likely to fall for it when mainstream sites ask you to complete weird tasks with your phone to verify your identity.
People are constantly made to jump through strange hoops to do things on the internet. Unless you're really keyed in to what's going on, it's easy to fall for stuff like that.
It is. There are fake Cloudflare CAPTCHAs on pwned Wordpress sites that instruct users to run Powershell scripts.
Yeah, this is going to turn into another malware vector, isn't it?
Discord has a feature where you can log into your account on your PC by scanning a code on your phone.
So does Binance.
Those are good things though? They’re about logging in, on purpose.
Not about attesting to Google that you have a proper smartphone as a proxy for your humanity, like this thing.
To prove you're not a bot, scan this QR code with Discord.
But none of those options are requirements to access the service.
They're requirements to access my website though! To prove you're not a bot, scan this QR code - with Discord.
So does Signal.
But Signal is secure(TM)!
They will do exactly as it says while also ceaselessly complaining, completely unable to connect their choice to use a website with the pain of using that website.
There's some sort of serious issue with learned helplessness or something
It's almost like some people aren't IT hobbyists.
I'm not a heart surgery hobbyist, therefore I don't chop people's chests open, no matter who suggests it.
I have blocked it for years with ublock origin, if a site doesn't work, ctrl-w. Nowadays i cannot even use google search because of this, any search will trigger a captcha, hilarious (atleast on chromium-based browsers, firefox lets me get a page or two).
Ditch Google Search as well then, use something like SearXNG or another meta-search engine. You'll get more representative results, no tracking and no captchas. Sometimes some of the engines may return captchas but they're kept from the search results, i.e. those engines don't get used for the query. You can run your own instance of SearXNG or one of the alternatives or use one of the available public instances, your choice. The fewer direct interactions with the likes of Google/Apple/Microsoft/etc. the better.
The thing is even a contact form without something like reCaptcha is doomed on today's web: spam all day.
If it's just a contact form on some random site that isn't particularly valuable to spammers, a bespoke solution like hidden input fields, obfuscation, or some kind of token calculated client-side by JS will probably work just as well.
That used to be the case, unfortuantely today even bespoke solutions can be completed by automation - any anything that just requires running JS in a headless browser was ineffective for a long time already.