I have not started a ticket for this just looking for feedback. Google has implemented a new sort of Captcha that they are referring to as the "nocaptcha recaptcha".
Thought is to replace the current reCaptcha with this version. I have mocked up my test forum to see how it works and have attached some pics for discussion.
So here's the question. Should this be incorporated to change the core code of the software to use it instead of the current iteration or as an extension. Pretty sure everyone is aware that the current implementation of reCAPTCHA has been broken for quite a while now.
Goggles noCaptcha reCAPTCHA
Goggles noCaptcha reCAPTCHA
Do not hire Christian Bullock he won't finish the job and will keep your money
Re: [RFC] Goggles noCaptcha reCAPTCHA
Since this is Google replacing reCaptcha with a new captcha, I do think the core should be updated to replace the old with the new.
1. It means people don't have to make the extra effort to find, download and install it as an extension, provided they even know to look for it.
2. I bet it probably looks better if we can keep up to date with the available security measures we offer, out of the box.
1. It means people don't have to make the extra effort to find, download and install it as an extension, provided they even know to look for it.
2. I bet it probably looks better if we can keep up to date with the available security measures we offer, out of the box.
Has an irascible disposition.
- Pony99CA
- Registered User
- Posts: 986
- Joined: Sun Feb 08, 2009 2:35 am
- Location: Hollister, CA
- Contact:
Re: [RFC] Goggles noCaptcha reCAPTCHA
Is this replacing the old reCAPTCHA or is it something new in addition to reCAPTCHA (the linked site says that it's a new API)? If it's new, we should probably support both -- unless we're finally going to remove all of the useless CAPTCHA plug-ins (why those broken CAPTCHAs weren't removed in 3.1 is beyond me. ).
So I'm leaning toward adding a new plug-in to the core.
Steve
P.S. While I appreciate the effort, those screen captures didn't really help at all, IMHO. I couldn't tell what was supposed to happen there and shots 2 and 5 seem the same. The linked site was much more useful to understand what was going on.
So I'm leaning toward adding a new plug-in to the core.
Steve
P.S. While I appreciate the effort, those screen captures didn't really help at all, IMHO. I couldn't tell what was supposed to happen there and shots 2 and 5 seem the same. The linked site was much more useful to understand what was going on.
Silicon Valley Pocket PC (http://www.svpocketpc.com)
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.
Re: [RFC] Goggles noCaptcha reCAPTCHA
Concerning the screen shots. #2 is from simply checking the box, number 5 is from the session timing out (seems there is some sort of time out even after checking the box originlly) which then causes the orginalish recaptcha to display once the box is clicked on again. Once answered correctly the box gets a green check mark again.
Pretty sure Google decided to keep the original reCAPTCHA so that it didn't break those that currently have it in use. I wouldn't doubt it will go the way of the dodo bird similar to how OAuth 1.0 is being replaced by OAuth 2.0.
Pretty sure Google decided to keep the original reCAPTCHA so that it didn't break those that currently have it in use. I wouldn't doubt it will go the way of the dodo bird similar to how OAuth 1.0 is being replaced by OAuth 2.0.
Do not hire Christian Bullock he won't finish the job and will keep your money
Re: [RFC] Goggles noCaptcha reCAPTCHA
I say make it an extension but one that's easily plugged into core when the time comes that way we can push it out now.
Re: [RFC] Goggles noCaptcha reCAPTCHA
+1 to that toohanakin wrote:I say make it an extension but one that's easily plugged into core when the time comes that way we can push it out now.
Has an irascible disposition.
Re: Goggles noCaptcha reCAPTCHA
This should be in the core.
And the worthless once should be removed. They do a better job at keeping real humans from registering than bots.
A catcha plugin system would be nice. But right now I'm more concerned about having a working anti spam system out of the box.
And the worthless once should be removed. They do a better job at keeping real humans from registering than bots.
A catcha plugin system would be nice. But right now I'm more concerned about having a working anti spam system out of the box.
- Pony99CA
- Registered User
- Posts: 986
- Joined: Sun Feb 08, 2009 2:35 am
- Location: Hollister, CA
- Contact:
Re: Goggles noCaptcha reCAPTCHA
Unless 3.1 removed it, there's been a CAPTCHA plug-in system since 3.0.6 (I think). If that still works in 3.1, there's really nothing to add to the core code. All that's needed is creating a NoCAPTCHA plug-in and adding it to the phpBB installer. (Removing the outdated CAPTCHAs should be done at this time, too.)Mess wrote: A catcha plugin system would be nice.
Steve
Silicon Valley Pocket PC (http://www.svpocketpc.com)
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.
Creator of manage_bots and spoof_user (ask me)
Need hosting for a small forum with full cPanel & MySQL access? Contact me or PM me.
- Elsensee
- Former Team Member
- Posts: 42
- Joined: Sun Mar 16, 2014 1:08 pm
- Location: Hamburg, Germany
- Contact:
Re: Goggles noCaptcha reCAPTCHA
I really think we should add this to the core. Would be really stupid if security has to be an extension.
But if we decide to remove the old and broken CAPTCHAs as well we would only have two working CAPTCHAs in the core. I don't like that idea. Of course it is no better idea to leave the broken ones in, but having just two CAPTCHAs would look bad to me.
Are there any other not-broken CAPTCHAs out there in the www?
But if we decide to remove the old and broken CAPTCHAs as well we would only have two working CAPTCHAs in the core. I don't like that idea. Of course it is no better idea to leave the broken ones in, but having just two CAPTCHAs would look bad to me.
Are there any other not-broken CAPTCHAs out there in the www?
- M.Gaetan89
- Registered User
- Posts: 64
- Joined: Tue Jan 28, 2014 7:17 pm
- Location: Divonne-les-Bains, France
- Contact:
Re: Goggles noCaptcha reCAPTCHA
Isn't it better to have "only" 2 working captchas (for the end-user) instead of more with some broken ones?
More captchas can be added with extensions (I guess?) anyway.
More captchas can be added with extensions (I guess?) anyway.