20

What is the best captcha service for privacy?

posted
*
by
Avatar
grant 🍞@toast.ooo
in
Avatar
privacy@lemmy.ml
9 comments
hidereport

basically what the title says

the ones i’m aware of:

  • google’s recaptcha
  • cloudflare’s hcaptcha

cloudflare being better for privacy compared to google, but still not great afaik

Sort:
HotTopControversialNewOld
Avatar
RobotToaster@mander.xyz
13 points

mCaptcha can be self hosted https://mcaptcha.org/

It’s technically not a CAPTCHA, for the pedantic, but it serves teh same purpose.

permalink
report
reply
Avatar
OneCupFOSS@reddthat.com
7 points

Not sure about captchas but the honeypot filter works fine.

Its open source so there probably is a good level of privacy.

https://github.com/spatie/laravel-honeypot

permalink
report
reply
Avatar
mox@lemmy.sdf.org
5 points

The only privacy-friendly CAPTCHA is a self-hosted one.

The only user-friendly kind is none at all.

Depending on the web site, an alternative bot-filtering strategy might make sense, such as:

  • Allowing signup without a CAPTCHA, but requiring one before the first post/upload is allowed.
  • Allowing signup without a CAPTCHA, but deleting accounts that behave like bots.
  • Allowing signup without a CAPTCHA, but deleting accounts that don’t purchase something.
  • Allowing login without a CAPTCHA, but restricting retry rates and/or locking accounts after 10+ failures.
permalink
report
reply
Avatar
retro@infosec.pub
1 point

Cloudflare’s Turnstile has an invisible mode that you’re probably using in a lot of places and aren’t aware of it. It provides an invisible challenge to the browser and requires no interaction. I would say no input require in quite user-friendly.

permalink
report
parent
reply
Avatar
mox@lemmy.sdf.org
0 points

I would argue that’s not a CAPTCHA at all, since it’s not a Turing test, but rather a browser inspection.

In any case, Cloudflare services like these are not remotely privacy-friendly.

permalink
report
parent
reply
Avatar
Zerush@lemmy.ml
0 points

Yes, the Honeypot system, an invisible part, only visible for bots, they use it and get blocked. easy.

permalink
report
parent
reply
Avatar
retro@infosec.pub
2 points
*

Cloudflare’s CAPTCHA is Turnstile. I’ve found it very useful. It doesn’t use pick the image or type the text, it’s just tick the box. You can even set it to invisible, then the user doesn’t need to even do that, the challenge is sent to the browser and is completed automatically.

https://developers.cloudflare.com/turnstile/

In terms of privacy, it’s is still Cloudflare, but at least it’s not intrusive to the user experience.

permalink
report
reply

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 27

    Monthly active users

  • 1.5K

    Posts

  • 7.5K

    Comments

Community moderators