I have noticed lately that several sites I’ve tried to login to, some I already have an account, some I am trying to make a new account give me what seems like endless captchas.

The two notables ones from my memory, Etsy, where I’ve had an account for years and have 2fa enabled ffs. The other Unity, where I’m trying to make an account to join a friends Organization.

After several minutes the captches just seem to keep going and I get more and more frustrated to the point I just give up and don’t login (which is not really an option with my Etsy store).

My setup isn’t anything crazy, Firefox, Fedora 40, no vpn’s or anything. Always from either my laptop or gaming system.

Does anyone else have this issue? What are the options?

EDIT/UPDATE: I disabled ublock origin long enough and only got one captcha. Seems google is trying to punish people using that. EDIT2: Spoke too soon, got my email verification, clicked through and back to endless captcha’s… ffs

  • Kalcifer@sh.itjust.works
    link
    fedilink
    arrow-up
    9
    arrow-down
    3
    ·
    edit-2
    6 months ago

    Are you using a VPN? If yes, try disabling it.

    EDIT (2024-05-22T19:33Z): For clarity, I’m not against the use of VPNs. I am simply offering ideas for troubleshooting steps. It is very common that sites and services will flag VPN providers as potential botnets and, thus, barrage a VPN user with captchas. This outcome isn’t unique to VPNs — there are potential browsing fingerprints that can result in being flagged as a potential bot — but it is at least one potential and common culprit.

    • Godort@lemm.ee
      link
      fedilink
      arrow-up
      6
      ·
      6 months ago

      This is almost certainly the cause.

      Most captchas treat connections from a known VPN exit node as a red flag because most of the spammers use them to hide their location and it’s a pretty small minority of the total traffic so not many people will complain about it. It’s also way easier to do that than try and find some heuristic way to identify malicious behavior.

      If they also get some extra data from you that they can sell once you disable it, then all the better for the company too.