switched to the powerful and privacy protecting Captcha by @hCaptcha@twitter.com for better protection against spam bots :crazy:

Follow

@spamty Which has even worse accessibility than reCAPTCHA, unless you actively link all your web traffic to an account to bypass the CAPTCHAs.

@wizzwizz4 what's a better alternative for hCaptcha? I never used reCAPTCHA because of their privacy policy; Securimage was defeated by bots. So I guess hCaptcha is the best solution for now. 🤔

@spamty Think of some simple puzzles yourself, and write a small program to implement them.

Take Qwant's “select the unique shape” – some randomly-coloured, randomly-distributed squares, and one circle (or vice versa, many circles and one square), with some areas of value noise introduced into the image. It's submitted via <input type="image" />, so doesn't need JavaScript.

Throw together a few puzzles like that. Have a visual, audio and text.

1/2

@spamty It doesn't need to be fancy, because it's only on your site (and perhaps a few others). This will protect you against non-targeted attackers, which is all you really need; a targetted attacker would just pay hCaptcha for some hCaptcha bypass tokens.

2/2

Sign in to participate in the conversation
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.