Lately I've been getting reCAPTCHA prompts all the time even though I'm not browsing in incognito mode and haven't cleared cookies. All I'm doing is running a very basic ad blocker, using Safari (which blocks third-party tracking), and very rarely loading a Google site. The most interaction I have with Google is when I end up having to use my corporate Google account as SSO for some other site.
Given that I'm not doing anything unusual, it really feels to me like reCAPTCHA, for all its complexity, boils down to "what's your history using Google software? Oh you rarely use it? I'm gonna give you a captcha". It didn't used to be this aggressive, but it's really ramped up in the past few weeks.
I recently replaced a bunch of securimage captchas with reCAPTCHA v2. During testing I had to shut it off because it became increasingly more complicated every page reload. First it was just one page of traffic lights, but 20 minutes later I was having to click through 5-6 pages of images. This worries me that user's might get pissed off. I'd really like to know if I've made life harder for my users in an attempt to stop the spam from the horribly broken securimage captcha.
I cancelled and deleted my Spotify account because of that. Now any site that asks me to fill a Google recaptcha is met with a swift click on the Back button.
Really? You gave up one of the best streaming music services because you had to use a captcha every now and then? Huh. Good data point. But you're probably not our target audience if you give up that easy, we sell engineering tools for solving difficult problems.
> During testing I had to shut it off because it became increasingly more complicated every page reload. First it was just one page of traffic lights, but 20 minutes later I was having to click through 5-6 pages of images. This worries me that user's might get pissed off.
Why are you now badmouthing someone else for deleting Spotify over this exact same issue?
Anecdotally, I've gotten way more reCAPTCHA prompts since disabling third-party cookies and installing Cookie AutoDelete, so I suspect you are correct.
What's their solution for any other website? It seems like they'd have a very difficult time accessing ANY site.
In a quick search it seems like NoCaptcha is the accessible answer for the issues with regular Captchas. For the most part it seems to work, most of the complaints here seem to stem from people trying to actively block some of the evaluation metrics used by the checkbox (cookies,javascript,user strings,fingerprinting,etc) which makes them look very different from normal traffic which kind of by necessity makes them look a lot more like bots.
>which makes them look very different from normal traffic which kind of by necessity makes them look a lot more like bots.
But if they are doing so because they are disabled, and the difference means they receive a worse experience, may result in an ADA complaint (especially if a government service falling under section 508 is involved).
Nonono, disabled people might be barred from using a service because of excessive recaptcha. That's what he means. I also think he really meant CVAA rather than ADA though.
That only really leaves blind deaf people out, at which point we might be reaching the limits of any technology to provide access to everyone without a tooooon of work.
Yeah but most people won't trigger that. Seems like most of the complaints here about triggering it often are from people who are blocking js/cookies/randomizing user strings. The NoCaptcha check box itself is better than the old system where everyone had to do the Captcha at least.
It happens to me occasionally and I am basically blacklisted from the internet. I have to solve 5 in a row and if I screw up its idea of what a streetsign is, I have to start over. It has made me cut out usage of most sites that use this broken and abusive tech. Welcome to the digital ghetto.
I have noticed this too. I've switched to DuckDuckGo for everything and I haven't changed my habits. Started getting more captchas a couple weeks ago and I know I answered several of them correctly (I'd get tested 3 times in a row).
It is also plausible that because google analytics runs on so many sites that they could do something shady like put you in a pester segment if they see you coming from duckduckgo to other sites frequently. It is not hard to imaging using Recaptcha as a nuisance against other search traffic providers.
I doubt that many people would make a connection between their search engine and seeing captchas on other sites. So limited gain for, if anything, many unnecessary complaints.
This is why I love container tabs in Firefox. I like putting all of the recaptcha stuff in one container so it can't snoop on my other stuff (I'm too lazy to look into what it's doing with cookies and whatnot).
It'd be a good strategy if we were aiming for a totalitarian Google-sponsored police state..
Making (online or offline) life more difficult for people who don't want to use company X products could escalate to the point where you either accept the yoke and are admitted to the walled garden of "society" which company X has firmly cemented themselves under -- or you say no and find yourself unable to drive/fly/get a job/go to college/buy groceries in your town. It sounds like a big leap to make right now, but is a real possibility if Amazon/Google/FB don't get broken up soon.
Using a verified human Google history to allow people who would otherwise be flagged as potentially a bot to skip the CAPTCHA is justifiable. Setting up your reCAPTCHA such that the lack of a verified Google history is used as a "probably bot" signal is really quite awful.
This is likely due to the new canvas fingerprinting protections introduced in iOS 12 and Safari for Mojave. Google's NHT analyzers probably don't take well to these measures that attempt to defeat canvas fingerprinting.
Same here. I have an alternative browser with no ad blocker, no tracking blocker, and sometimes I just copy the website from Safari to that other browser to avoid CAPTCHA.
Sometime ago we have a provider that give us everyday different IP. Some days we just were not able to do anything without captcha. It seems that some IP addresses were in some sort of spam base
Given that I'm not doing anything unusual, it really feels to me like reCAPTCHA, for all its complexity, boils down to "what's your history using Google software? Oh you rarely use it? I'm gonna give you a captcha". It didn't used to be this aggressive, but it's really ramped up in the past few weeks.