basically what the title says

the ones i’m aware of:

  • google’s recaptcha
  • cloudflare’s hcaptcha

cloudflare being better for privacy compared to google, but still not great afaik

  • mox@lemmy.sdf.org
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    6 months ago

    The only privacy-friendly CAPTCHA is a self-hosted one.

    The only user-friendly kind is none at all.

    Depending on the web site, an alternative bot-filtering strategy might make sense, such as:

    • Allowing signup without a CAPTCHA, but requiring one before the first post/upload is allowed.
    • Allowing signup without a CAPTCHA, but deleting accounts that behave like bots.
    • Allowing signup without a CAPTCHA, but deleting accounts that don’t purchase something.
    • Allowing login without a CAPTCHA, but restricting retry rates and/or temporarily locking accounts after 10+ failures.