https://bugzilla.wikimedia.org/show_bug.cgi?id=12206
--- Comment #4 from Tim Starling <[email protected]> --- (In reply to comment #3) > This is apparently intentional to avoid giving information to attackers > (https://gerrit.wikimedia.org/r/gitweb?p=mediawiki/extensions/ConfirmEdit. > git;a=blob;f=Captcha.php;h=2d6afbf6d2bb99491d89b341054014e6764b09e3;hb=refs/ > heads/master#l535). > > That doesn't mean it's worth it, though. The commit message was: "Add captcha support for triggering a captcha after a bad password attempt. Legit users shouldn't be inconvenienced much, but password-guesser bots will be severely speedbumped." The premise was incorrect. Legitimate users are inconvenienced. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
