Settings and activity

1 result found

1. Use reCAPTCHA v3 to connect instead of intrusive v2

   40 votes

   Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   21 comments  ·  Feature requests » Account & User Management  ·  Delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close
   planned  ·  AdminChris Farmer (Admin, Mailgun) responded

   Hi all,

   We're planning on making reCAPTCHA less intrusive in Q1 of 2022.

   An error occurred while saving the comment
   Kjell Rilbe commented  ·  Apr 27, 2024  ·  Delete…

   The current login experience is really bad. I have MFA enabled with Google Authenticator. I would expect that protection layer to be pretty much sufficient, so that the captcha could be skipped when using MFA. But you have the captcha there regardless. Why?

   At the very least, after successful captcha + MFA login, you should mark that device as trusted, preferably until further notice, but at least for 60 days. If, during that period, the user does another successful login, extend the trust period.

   Or, as a really last resort, make the captcha less obnoxious, at least when the user has MFA enabled. As it is now, I usually have to go through two or three rounds of clicking images.

   Save Submitting...
   Kjell Rilbe supported this idea  ·  Apr 27, 2024