Could Cloudflare consider an alternative to reCAPTCHA?

maybe the score is built up over the time and duration you’re logged into google ?? i just checked my score it’s at 0.9 while always being logged into google and 0.7 while in incognito in Opera browser

I wouldn’t advise focusing too much on the score returned by the example page. That example is intended to show an approach to implementing the v3 API using the PHP code hosted here. The score returned is specific to that particular request and is not an indicator about the status of your Google account.

When using the v3 API on your own site, the score indicates the confidence in which the service has that this is a non-automated request. It is not a definitive answer, only an indicator. A low score can be used as a prompt for additional verification on an action - for example, a confirmation SMS - rather than blocking a user entirely.

That is quite likely but also a problem if your browser is configured for regular amnesia :slight_smile: and you yourself still part of the generation who still knows what a logout button does :wink:

2 Likes

Possibly any update on that issue, @ryan?

I just mistyped my password and the captcha immediately kicked in, for the IP address and the account. I was fortunate enough that Google felt gracious today to consider my Google account worthy to skip the captcha but God knows how long that will be like that :roll_eyes:

I am not sure whether upgrading to version 3 would help, but the way it is right now is quite annoying, I am terrified of typing the password :smile:

1 Like

maybe CF account could have a setting to choose between v2 and v3 for end users ??

1 Like

It generally would be lovely it one could customise these security settings on a per-account level. I’d really appreciate if I had the ability to turn that off :slight_smile:

1 Like

Assuming there was a better chance of the withdrawal agreement passing the British parliament yesterday than Cloudflare switching away from reCAPTCHA :wink: could at least the sensitivity be decreased a bit?

One typo in the password and one has to go through the Google ordeal. Could that be increase to at least two or three attempts? Thanks :nerd_face:

1 Like

That’s what you get for not using a password manager. :smirk:

2 Likes

Ohh, I would, but it doesnt necessarily make using the account easier when you dont have that very password manager at hand :slight_smile:

On a serious note though, I think a grace typo should be permitted. If Cloudflare cant help imposing the captcha it should at least not kick in after one single failed attempt. What do you think? :sunglasses:

One typo and you are out.

Looks like we got our wish

A little surprised this wasn’t communicated with site owners at all, not even with a blog post.

4 Likes

I havent tried it and do not intend to, but I am not sure that is what I meant by alternative :wink:

I guess the issue with a single typo and the login going berserk is still there.

But yes, not entirely what you meant, @sandro!

I am afraid, not what I meant at all.

I am also not sure whether we should welcome that migration, however my request was not so much about the challenge page but rather about the Cloudflare login in the first place.

1 Like

Seriously though, one effing typo and one has to jump through the CAPTCHA hoops and the new CAPTCHA is not even particularly good. I just spent five minutes clicking on images.

@cloonan, can there be finally something done about this? It has been two years and I think Cloudflare should not freak out if one has one failed login attempt.

Cloudflare royally effed up today, with their whole user account system.

Close to furious :face_with_symbols_over_mouth: