CAPTCHA difficulty increased, security question changed (2019-07-25)

Started by namida, July 25, 2019, 08:13:13 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

namida

As spambots have been a bit more prolific than usual lately, I've bumped up the security measures a bit by increasing the difficulty of the CAPTCHA and changed the security question (though the new one is no harder, just different).

Hopefully this won't interfere too much with new users, but if any legitimate users are trying to register and having difficulty, please stop into #neolemmix or #lix on IRC (QuakeNet), or the Lemmings Forums Discord, and someone will be able to help you. I've informed staff (and regular users if they want, though of course there's no obligations on them, it's just if they voluntarily want to help) that if they aren't able to help out themself, they should pass the info on to me via private message and I'll deal with it.

It might also be a good idea for us to get an extra moderator, just as a backup measure.
My projects
2D Lemmings: NeoLemmix (engine) | Lemmings Plus Series (level packs) | Doomsday Lemmings (level pack)
3D Lemmings: Loap (engine) | L3DEdit (level / graphics editor) | L3DUtils (replay / etc utility) | Lemmings Plus 3D (level pack)
Non-Lemmings: Commander Keen: Galaxy Reimagined (a Commander Keen fangame)

Minim

Quote from: namida on July 25, 2019, 08:13:13 PM
Hopefully this won't interfere too much with new users, but if any legitimate users are trying to register and having difficulty, please stop into #neolemmix or #lix on IRC (QuakeNet), or the Lemmings Forums Discord, and someone will be able to help you. I've informed staff (and regular users if they want, though of course there's no obligations on them, it's just if they voluntarily want to help) that if they aren't able to help out themself, they should pass the info on to me via private message and I'll deal with it.

I've thought of another idea. How about sending emails to administrators (That's only if, unregistered users are allowed to)? Only thought of this because some people (like me) don't like the idea of using chat sites.
Level Solving Contest creator. Anybody bored and looking for a different challenge? Try these levels!

Neolemmix: #1 #4 #5 #6
Lix: #2  #7
Both Engines: #3

Simon

I think all of these forum captchas are solvable by robots, and higher difficulty merely makes it annoying for humans.

I found no link to prove claim. I'm fine trying the difficult captcha until I find proof that the difficulty doesn't hinder robots.

It's good style to change the security question frequently.

-- Simon

namida

While my evidence is only anecdotal (albeit first hand), I disagree.

A coworker recently launched an update to a company website, but accidentally left Captcha off for the email contact form. Spam emails increased, and then later decreased again, around the same times as the launch and the re-enabling respectively.

The website in question does use ReCaptcha, rather than a simpler local routine of some kind. This could definitely be a factor. I do notice ReCaptcha's difficulty is quite dynamic - in a normal tab on my regular-use browsers I usually don't have to do anything besides checking a box; I usually have to solve one or two questions in a private browsing tab, and often 5+ when using Tor.
My projects
2D Lemmings: NeoLemmix (engine) | Lemmings Plus Series (level packs) | Doomsday Lemmings (level pack)
3D Lemmings: Loap (engine) | L3DEdit (level / graphics editor) | L3DUtils (replay / etc utility) | Lemmings Plus 3D (level pack)
Non-Lemmings: Commander Keen: Galaxy Reimagined (a Commander Keen fangame)