• I make websites
  • I’m okay with extreme solutions, like requiring everyone to have a Yubikey-or-similar physical key
  • I really hate the trend of relying on a phone number or Google capcha as a not-a-bot detection. Both have tons of problems
  • but spam (automated account creation) is a real problem

What kind of auth should I use for my websites?

  • RobotToaster@mander.xyz
    10·
    7 months ago

    mCaptcha is a proof of work pseudo-captcha, it won’t block bots completely, but it heavily rate limits them and makes them computationally expensive to run.

    • PropaGandalf@lemmy.world
      2·
      7 months ago

      Benefits - costs: If your benefits from having less spam and the work they are doing by solving the task are greater than your costs this is acceptable.