Totally agree with you @kmahyygyyg what can we do to stop Hcaptcha from growing? you have any ideas? because we dont want to stop genuine users from visiting our site.

1 Like

Based on what? A complaint from one of your users that they have to solve a Captcha every 30 minutes? I’m not sure I understand. Do you want the clearance cookie to last longer than 30 minutes? That is a setting you can control and extend if you choose.

Otherwise, you’d need to provide more detail on what triggered the captcha… is it is specific WAF rule? A firewall rule you’ve put in place? A IP filter setting?

All of those also generally have a configuration option to control what action is taken and captcha is one of them. As a customer you have control over the security levels and controls for those functions as it relates to your visitors.


“hCaptcha is making cloudflare money by earning them Human Tokens (on the Ethereum blockchain).”
Wow, really? Well, it generates tokens but not for Ethereum.

“this might make your life better.”
This litterally saved my life once))

As a customer you have control over the security levels and controls for those functions as it relates to your visitors.

I agree that we, your clients should be making the choice of which Captcha is better for our customers, and be able to change these settings ourselves. If hCaptcha really is better, sell it to us, convince us, then we’d enable it, when it’s actually ready for market. Currently you’re forcing an unreliable, tedious, slow, invasive, unnecessary replacement on us - I presume through some kind of ill-thought out business deal for a quick buck.

The Captcha is our last line of defense, and a tool we utilise heavily as the JS Challenge simply isn’t enough. Now we’ve been forced to disable the Captcha due to the frustrations this is causing our users, we are now totally vulnerable.

I’ve also been discussing with enterprise support, but to no avail. I have no idea what’s going on here, totally baffled.

  • hCaptcha needs the ability to verify users without always producing the challenge. The majority of the time, users should easily pass without any additional steps. reCaptcha seems very good at this, hCaptcha doesn’t appear to have this functionality at all, which is not good.

  • users should not be given two or more challenges in a row. If the system isn’t good enough for this to verify first time, then it’s likely not good enough full stop.

  • we should have the ability to switch between various Captcha types that suit our business models and usage. This shouldn’t be Cloudflare’s decision.


I just sign up CF community for first time,
Any other problem is not big deal as this one.

How I change hcaptcha to other one?

  • Too hard for me and my colleague (everyone said that)
  • My GF also tell me. Oh the treat stat is going down right? yes because human is going down too.

It’s really too hard and annoying.

Question: Click on the bird

  • You insert chicken too, thank god.

the image is in poor quality,
many times i have to looking very close
to see “what the freaking is in this box?”

Pls let me know.

Big Thank You.

1 Like

reCAPTCHA was horrible; it went much harder on anonymized traffic than normal traffic. With an increasing number of users connecting to our sites over VPNs (and even Tor), it was having too much of a negative impact on usability.

In our tests, when connecting through Tor or a well-known VPN, we might need to go through reCAPTCHA more than 5 times, and we’d still get denied. The challenges got increasingly difficult, with grainy pictures and long, artificial delays between when you clicked a picture and when the next one would appear.

hCaptcha still has its problems. In our tests, we found that the correct solutions were occasionally deemed incorrect. For example, the following was marked as incorrect:

It’s a lot better than hCaptcha for anonymized traffic, though.


This has two ambiguous images in it. I passed the check, though. I’m really not having much trouble passing even when the images are ambiguous.

Hi @jiraz,

That shows 1 direct reply to the post. If you look on the right side of your screenshot, you can see 1/30 which shows there were 30 replies at the time.

Image loading time is slow… Maybe focus on imroving the loading the images…

Holy moly! I asks for image verification every single time to me. And it’s not even that accurate; it passed me through when I intentionally skipped a few images. I don’t see why anyone would even want to use it. :expressionless:

1 Like

Vouch to stop hCaptcha.

I have a digital job. I am browsing about 8-10 hours per day doing research and therefor I am confronted with hCaptcha all the time.

Why I vouch to stop hCaptcha:

  1. The loading time is horrible.
  2. It takes way more time to solve a hCaptcha vs reCaptcha. It is harder to tell which images contain the questioned object because the Images are just bad. You have to focus and analyze the Images in detail, while you have actually something else on your mind (work). It was acceptable with reCaptcha.
  3. Anonymized Traffic is challenged all the time.
  4. hCaptcha sometimes says my selection is incorrect although it is 100% correct.

On average it takes me 1 - 2 Minutes to solve a hCaptcha so I can actually visit a website I requested.

At some point, I began to just stop visiting the websites which are using Cloudflare / hCaptcha and looking for other websites that doesn’t take all my time.

Question to the pro-hCaptcha guys:
You are blaming Google to sell your data. Why don’t you just stop using Google services if you are that bothered by their existence so much?

Another Question:
Which data is Google actually receiving when reCaptcha is used? Does this little reCaptcha download all your Browser History, pack it, and ship it off to Google? Does it track you beyond of the necessary data to provide the service of approving requests? I doubt that.

Question to Cloudflare:
I like the idea of the CF services being free.
However, if you are starving for money, why don’t you just work on making more payment methods available & charge the website owners which are using the free plans just a tiny amount, like $1 per month? I would not have a problem paying $1/mo for getting access to all non-security-related features which are available in the free plan.

In the last few years, Cloudflare released awesome new features every April.
But hCaptcha is the Corona Virus of April 2020.


reCAPTCHA is owned by Google. Whenever you solve a reCAPTCHA challenge, you’re giving Google data. Avoiding Google would mean avoiding any site that uses reCAPTCHA. For that crowd, hCaptcha is preferable.

Not a ton, but they do receive some sensitive data, such as partial browsing history. They’re probably going to get that data anyway. Some people also dislike that they’re essentially being used as free labor to tag images for ML, data that Google will monetize. hCaptcha is no different in that regard; the difference here is that hCaptcha is paying Cloudflare, whereas that wasn’t the case with reCAPTCHA.

I don’t have a strong opinion on Google, but I’m glad to see that reCAPTCHA was dropped. It was just too difficult to get past for our anonymized visitors–they might spend 10-20 minutes trying to get past it, only to be denied.

I’m a little worried by the reports that hCaptcha is slow. I haven’t been able to reproduce that; everything loads in a timely manner for me even when I use something like Tor. It takes me about 15 seconds to get past hCaptcha.

Some people here are also saying that it’s difficult to solve. Even for ambiguous images, I haven’t had trouble getting it to accept my answer. Do you have screenshots of examples? I posted some above, but each time it accepted my answer.

1 Like

I read the entire topic and I couldn’t help but to create an account and reply because it’s such a shitfest here.
Ever wonder why reCaptcha is easy for you? Ever wonder why sometimes you don’t have to check images, you just click the box and it becomes a V tick? It’s because you logged your account on Google Chrome, you fed them all your data so Google knows it’s you who is accessing the site, and it let you pass.
Now, try connecting to a VPN, firing up Mozilla Firefox or Tor Browser, turning adblock on then access the same site, I bet you will never want reCaptcha in your life again. It takes 10 seconds for an image to fade out, then another 10 seconds for another image to fade in. Even if you manage to get the correct answer, you still have to repeat the process 3 or 4 times, because you don’t use our browser so we screw you up!
The reason behind this is because Google wants you to use Chrome, wants you to use their services and enable ads so they can milk data from you. It’s an ANTI-COMPETITIVE move.

The good thing about hCaptcha is it tells you how many challenges you will have to face by the number of circles at the bottom. reCaptcha doesn’t.

You guys feel like hCaptcha is too difficult? Well I have gone through much worse ■■■■ EVERYDAY. First time, aye?

1 Like

And in case you are wondering, I don’t use any Google service. My life is still beautiful without it.
@hCaptchaSupport keep up the good work.

Absolutely, that is the massive advantage of using reCaptcha. The vast majority of our users are using Chrome or logged in on a Google account. During an attack, I can filter out the bad traffic very quickly, while almost all of our users are hardly inconvenienced at all - they just click a button and are instantly verified / passed.

With hCaptcha, instead, I’m forcing every single person to complete an incredibly tedious two-stage captcha. During testing this can take up to 30 seconds after being used to the system, compared to reCaptchas 1-2 seconds. And that’s not even mentioning all of the issues which are forcing users to complete the whole thing twice (4 captchas), or preventing users from passing it altogether. We’re not going to be able to convince even a fraction of our users to install privacy pass - hCaptcha’s causing issues with that too, captcha not loading at all.

reCaptcha’s primary goal is as a great captcha, for internet security, with the secondary goal of helping to improve their AI systems. hCaptcha’s primary goal is to produce profits, the entire thing appears to be built around that.


You joined 1day before aswell… so why mocking on someone else when the same thing you complain about applies to you??

I personally think in some points CloudFlare have done wrong here and just decided what the user HAVE TO use.
I like alternatives and I like options. For me as an IT-Guys I want to be free, at least in this virtual world. And I want to be able to use the Service I want to use. I’m against google in many cases and I love it when other companys rise up and create something that can even make Google fearing about and make them up their game and not collecting so many datas.

I like that CloudFlare implemented hCAPTCHA but it should have been implemented as option even if it would be implemented as default. But everyone should have the option to fall back to reCAPTCHA for whatever reason.

Its a bit aggressive to force everyone now to use something they never had the chance to test. I think CloudFlare have done wrong with this an as most things this may be just the first step in the wrong direction… many companies start with little things like this and then go on with other things which are making their customers unstatisfied.

A lot of complaints here are without proof! So shame on all the guys complaining at a service from a new player expecting it to be perfect since day 1… if you complain, proof that your complaint is true like others have done here. A lot of shet it going around in the Net these days, specially when people are bored like in these corona times…

@dev48 @hCaptchaSupport thanks for this alternative I think I will go with it :+1:
@CloudFlare pls do not force users/customers to use something. But us a “testing time” or an option to choose. Here are a lot of splitt opinions and not everyone is happy with what you have done even if I think its right, but the way you have done it for me is wrong.

Best regards,


Dear ALL!
I had a error One more step but dont show the capcha to complete to access to the web
Can you help me plz



Every single website using Cloudflare is asking me to complete this ■■■■ I did like 5 of them today and spending 3 minutes on each of these amazing ■■■■ pictures.

I’ve been very grateful inside of myself for the free plan offered by Cloudflare, but isn’t this the beginning of some kind of BS? Things always come to an end at the end, nothing is ever eternal.

reCaptcha has his bad sides, but hCaptcha is DAMN slow, the pictures are horrible and it gets triggered way too often, at least for me.

I honestly don’t give a ■■■■ about being tracked as I block ads anyway. So why bother? Google might be a monopoly but that’s how it is, for now, no one did better yet that’s it.

So guys at CF please wake up use your brain think about the user for 2s instead of listening to your jealous ego spitting on Google making money instead of you.

Anyway, I’m just a free user, heavy business users are the ones who will get their voice heard following a drop in visitors because of these captchas.

According to the firewall page though, after calming myself and some proper investigation, I didn’t find there were many more checks than usual being triggered.

Am I just unlucky?


Hi @Nop,
You may want to take a look at:

1 Like