Is it necessary or useful for me to have a captcha login?
Is it helpful to have a captcha on a login screen?
A few articles that I read described Captcha as CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of security measure known as challenge-response authentication. ... A CAPTCHA test is made up of two simple parts: a randomly generated sequence of letters and/or numbers that appear as a distorted image, and a text box.
Adding a Captcha login is not a solution, it is merely an obstacle for both hackers and users. I have very good vision with my glasses and sometimes I can barely make out the image text. I would imagine that someone in denial about their vision is going to be infuriated. Everything you implement needs to have a specific purpose or else you just end up throwing pies in the sky with poo filling and these pies eventually land directly on your users.
Here is some food for thought: Problem
- User accounts are getting hacked due to automated brute force attempts
- Solution : Accounts are now locked after 3 failed logins
Problem
- All user accounts have been revealed and a bot is now trying to brute force all accounts
- All accounts get locked within a matter of seconds due to 3 failed logins
- Solutions? Plentiful, but did we even need to get to this step? Is this currently an issue?