Is it inmoral to put a captcha on a login form?

Posted by azkotoki on Stack Overflow See other posts from Stack Overflow or by azkotoki
Published on 2010-05-04T10:59:21Z Indexed on 2010/05/04 11:08 UTC
Read the original article Hit count: 301

In a recent project I put a captcha test on a login form, in order to stop possible brute force attacks.

The inmediate reaction of other coworkers was a request to remove it, saying that it was innapropiate for that purpose, and that it was quite exotic to see a captcha in that place.

I've seen captcha images on signup, contact, password recovery forms, etc. So I personally don't see innapropiate to put a captcha also on a place like that. Well, it obviously burns down usability a little bit, but it's a matter of time and getting used to it.

With the lack of a captcha test, one would have to put some sort of blacklist / account locking mechanism, which also has some drawbacks.

Is it a good choice for you? Am I getting somewhat captcha-aholic and need some sort of group therapy?

Thanks in advance.

© Stack Overflow or respective owner

Related posts about captcha

Related posts about authentication