On 2020-08-27 13:15, Rich Kulawiec wrote: > 3. Captchas are a worst practice in security and should never be used. > They can be and are defeated at will by any adversary who wants to > trouble themselves to do so. They're also user-hostile. There are much > better methods available for protecting Mailman instances from abusers.
I've said for some time that traditional captchas are by now almost a REVERSE test. Ability to solve them should be taken as stronger evidence that you are a bot than that you are a human, because bots are better at solving them than humans are. Image-style captchas like reCaptcha are better, but they too have a shocking oversight: They do not scale well on increasingly-ubiquitous high-resolution displays. I'm currently using a 32" 4K monitor, and even after zooming the page as far as I can, I still sometimes have to resort to a magnifying glass to be certain whether I'm seeing a specified object somewhere in the background of one of the images. -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: +1.603.293.8485 Mobile: +1.603.998.6958 ------------------------------------------------------ Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/
