Goggles noCaptcha reCAPTCHA

These requests for comments/change have lead to an implemented feature that has been successfully merged into the 3.2/Rhea branch. Everything listed in this forum will be available in phpBB 3.2.

Use noCAPTCHA reCAPTCHA

Yes the core code should change
37
84%
Yes but as an extension
7
16%
No I like spammers
0
No votes
 
Total votes: 44

User avatar
RMcGirr83
Registered User
Posts: 357
Joined: Fri Mar 09, 2007 1:51 am
Contact:

Re: Goggles noCaptcha reCAPTCHA

Post by RMcGirr83 » Wed Apr 08, 2015 6:15 pm

M.Gaetan89 wrote:Isn't it better to have "only" 2 working captchas (for the end-user) instead of more with some broken ones?
+1

While quantity is nice, quality is always better.
Do not hire Christian Bullock he won't finish the job and will keep your money

User avatar
Louis7777
Registered User
Posts: 378
Joined: Fri Apr 04, 2014 12:32 am

Re: Goggles noCaptcha reCAPTCHA

Post by Louis7777 » Wed Apr 08, 2015 6:49 pm

Would the 2 working captchas be the Q&A and the "noCAPTCHA reCAPTCHA"?

I've always used the GD CAPTCHA along with daroPL_AntiSpam for 3.0.x and never got any spammers.

Maybe I have been lucky... or maybe it is not totally worthless?

Perhaps it's better to keep it if it can still stop at least the majority of spammers (and because it doesn't require a private key and I don't like to depend on Google :P).

User avatar
Pony99CA
Registered User
Posts: 986
Joined: Sun Feb 08, 2009 2:35 am
Location: Hollister, CA
Contact:

Re: Goggles noCaptcha reCAPTCHA

Post by Pony99CA » Fri Apr 10, 2015 2:04 am

Louis7777 wrote:Would the 2 working captchas be the Q&A and the "noCAPTCHA reCAPTCHA"?
That's what I think.
Louis7777 wrote:I've always used the GD CAPTCHA along with daroPL_AntiSpam for 3.0.x and never got any spammers.

Maybe I have been lucky... or maybe it is not totally worthless?
According to Kevin on the Support team, all "squiggly letter" CAPTCHAs have been broken.

I doubt that you've been lucky -- that MOD has probably kept the spammers out. Try switching to a simple Q&A CAPTCHA (like "Are you a spammer?") and see if you have any problems. If not, keep the Q&A CAPTCHA (it's more accessible than image-based CAPTCHAs, too -- why annoy your users if you don't have to? :D).

Steve
Silicon Valley Pocket PC (http://www.svpocketpc.com)
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.

aleha
Registered User
Posts: 143
Joined: Tue Mar 26, 2013 2:19 am

Re: Goggles noCaptcha reCAPTCHA

Post by aleha » Sat Apr 11, 2015 12:49 am

+1 for having this in the core, replacing current reCAPTCHA
+1 for keeping Q&A, using noCAPTCHA reCAPTCHA, and removing "unfixable" captcha code

User avatar
Louis7777
Registered User
Posts: 378
Joined: Fri Apr 04, 2014 12:32 am

Re: Goggles noCaptcha reCAPTCHA

Post by Louis7777 » Mon Apr 13, 2015 4:19 pm

Pony99CA wrote: I doubt that you've been lucky -- that MOD has probably kept the spammers out. Try switching to a simple Q&A CAPTCHA (like "Are you a spammer?") and see if you have any problems. If not, keep the Q&A CAPTCHA (it's more accessible than image-based CAPTCHAs, too -- why annoy your users if you don't have to? :D).
I know it was the MOD but it was applied on the GD CAPTCHA, so maybe we should tweak it and keep it?

User avatar
Elsensee
Development Team
Development Team
Posts: 36
Joined: Sun Mar 16, 2014 1:08 pm
Location: Hamburg, Germany
Contact:

Re: Goggles noCaptcha reCAPTCHA

Post by Elsensee » Mon Apr 13, 2015 5:02 pm

Louis7777 wrote:I know it was the MOD but it was applied on the GD CAPTCHA, so maybe we should tweak it and keep it?
This might help but only for some time.
In general, CAPTCHAs are only really safe if they aren't used widely. If they're used widely, more spammers will try to break them. (with success, unfortunately)
I know, you were talking about that modification but that's just the same thing. It's a simple measure and won't keep spammers out for very long.

The Q&A CAPTCHA however works better since it uses simple questions, instead of pictures, which can easily be removed and added. So if you're noticing that the questions are too weak, just remove them, add some new and your forum is protected again.

I don't know exactly how Googles new technique in their noCAPTCHA reCAPTCHA works but it looks very promising. We should definitely integrate this into the core.

User avatar
RMcGirr83
Registered User
Posts: 357
Joined: Fri Mar 09, 2007 1:51 am
Contact:

Re: Goggles noCaptcha reCAPTCHA

Post by RMcGirr83 » Mon Apr 27, 2015 3:05 pm

Do not hire Christian Bullock he won't finish the job and will keep your money

User avatar
jsebean
Registered User
Posts: 165
Joined: Wed Nov 17, 2010 1:40 am
Location: Atlantic Canada

Re: Goggles noCaptcha reCAPTCHA

Post by jsebean » Sun Jan 31, 2016 8:05 pm

aleha wrote:
Sat Apr 11, 2015 12:49 am
+1 for having this in the core, replacing current reCAPTCHA
+1 for keeping Q&A, using noCAPTCHA reCAPTCHA, and removing "unfixable" captcha code
I agree with this, but I'm concerned with quick installs of boards where board maintainers may not quite understand the implications of not configuring their captcha. Of course, it would be no different from now, where the captchas are broken. However, shouldn't the installer at least tell them or give them an option to set their Q&A questions or give them the option to apply the API key from the installer, and advise them that by not doing either they risk a spam infested board?

JMHO
-Jonah
-Jonah

Post Reply