In a recent project I put a captcha test on a login form, in

Question

0

Asked: May 14, 20262026-05-14T16:48:17+00:00 2026-05-14T16:48:17+00:00

In a recent project I put a captcha test on a login form, in

0

In a recent project I put a captcha test on a login form, in order to stop possible brute force attacks.

The immediate reaction of other coworkers was a request to remove it, saying that it was inapropiate for that purpose, and that it was quite exotic to see a captcha in that place.

I’ve seen captcha images on signup, contact, password recovery forms, etc. So I personally don’t see inapropiate to put a captcha also on a place like that. Well, it obviously burns down usability a little bit, but it’s a matter of time and getting used to it.

With the lack of a captcha test, one would have to put some sort of blacklist / account locking mechanism, which also has some drawbacks.

Is it a good choice for you? Am I getting somewhat captcha-aholic and need some sort of group therapy?

Thanks in advance.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-14T16:48:17+00:00

Editorial Team

2026-05-14T16:48:17+00:00Added an answer on May 14, 2026 at 4:48 pm

Just add a CAPTCHA test for cases when there have been failed login attempts for a given user. This is what lots of websites currently do (all popular email services for instance) and is much less invasive.

Yet it completely thwarts brute force attacks, as long as the attacker cannot break your CAPTCHA.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

In a recent project I put a captcha test on a login form, in

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply