Is it immoral to put a captcha on a login form?

Posted by azkotoki on Stack Overflow See other posts from Stack Overflow or by azkotoki
Published on 2010-05-04T10:59:21Z Indexed on 2010/05/04 12:38 UTC
Read the original article Hit count: 223

In a recent project I put a captcha test on a login form, in order to stop possible brute force attacks.

The immediate reaction of other coworkers was a request to remove it, saying that it was inapropiate for that purpose, and that it was quite exotic to see a captcha in that place.

I've seen captcha images on signup, contact, password recovery forms, etc. So I personally don't see inapropiate to put a captcha also on a place like that. Well, it obviously burns down usability a little bit, but it's a matter of time and getting used to it.

With the lack of a captcha test, one would have to put some sort of blacklist / account locking mechanism, which also has some drawbacks.

Is it a good choice for you? Am I getting somewhat captcha-aholic and need some sort of group therapy?

Thanks in advance.

© Stack Overflow or respective owner

Related posts about captcha

Related posts about authentication