go to sections menu

security note from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: general-updates-and-announcements > security note

Go to Homepage, contents or to navigation menu



security note

Hi all.

As you may have been aware of on the latest podcast I mentioned 2 factor
authentication.

So why is there a captcha?

For the record I hate captcha in all its forms.

Here’s the deal.

From an admin point of view, captcha is easier to put in than 2 factor.

For 1 thing, each user needs to make 2factor just work for them, so they
need to turn it on.

I can’t tell them to turn it on which defeats the purpose.

2.  subscription.

Many of these plugins add you to services which may need subscription.

Now thats fine but it says licenced per user for a lot of them.

What is a user?

Is a user someone that has access to those plugins configuration, 2
users, thats fine enough.

However does it mean users as in all users using it on their profile?

If its all users, then how many are writing.

is it more than 10.

Suddenly, if you went to say write something or comment, you’d get a
message from the site that I’d have to put up somehow telling you to pay
us 3 dollars a month so we can pay for the authentication!

How about, no!

Firstly I don’t know what some of these things mean about a user, and
suddenly its just a bit complex.

As a former software pirate, this sort of thing made me want to go crack it.

Now I can’t forget my morrals and make the user pay me so I can give
them access its just not in my nature to be that much of an evil bastard.

Pluss you should know by now, I absolutely loath the subscription system
a lot of things have unless its meaningfull and unless I use it.

I’m not made of cash myself and neither are the majority of the blind
either and people in general.

After going through several articals I tried wpsms and a few other things.

However you need a mobile number for reporting to and a gateway which
means somewhere along the line I would have to pay or someone would and
that would eventually have to go back to the user because I am certainly
not made of cash.

My next point was to try captchas.

After not being able to understand google captcha v3 I tried v2 invisible.

This worked but oh dear, the login just never accepted.

So try v2.

This did work but I know some have issues with v2 and the audio and I
eventually got totally annoyed and scrapped it.

I then tried math captcha.

This is out of date and while it did work it displayed weirdly and I
killed it.

So we now use captcha booster in logic math number mode.

No multiply or devide because it put out things like 27 times39 or59
devided by 24.

I had to use a calculator to log in and again we don’t want to turn off
users just keep out bad guys.

So we have plus and minus.

Plus works minus does not show minus but if you see a couple numbers =
whatever with 2 spaces in the middle then its a minus and it just works.

There is a 5 attempt login on this which hmmm if you fail it will do
something, not sure exactly what because I have the basic version which
just gives the captcha and not much else.

As an asside, I strongly reccomend all users that write here and admins
to get a wordpress account if not for your own blog but as a backup.

You may login with google and facebook and other things if you want.

I have a wordpress account, but if you suddenly screw things you will
need a backup.

If to many screw things I may just get rid of the plugin alltogether but
this is at least workable.

Its just setup and go and it just does.

Never the less I am due to talk to a blogger who uses logic captcha and
other things on their sites and has offered to help with various things,
obviously its not going to be free but we will see what we see.

I can manage up to 20 us dollars maximum for a 1 off buy in but thats
probably it.

No subscriptions, so we will see what we see.

Right now, its going to work, its local, it will work with speech, and
at least its not recaptcha.


Informazioni sull'articolo

security note was released on February 4, 2020 at 9:05 pm by crashmaster in general-updates-and-announcements.
Last modified: February 4, 2020.


Comments (0)

No comments yet.

Leave a comment

Message form







go to sections menu


navigation menu

go to sections menu