Only Require CAPTCHA on Unsuccessful Login Attempts

The vast majority of the times I login to Scoutbook I have to enter the CAPTCHA. It’s pretty annoying. I’m a Software Security Consultant so I know the purpose of the CAPTCHA, but it’s really not necessary on initial login attempts. If a bot is trying to brute force your login the initial attempts will be unsuccessful, so you can enable the captcha only if there have been 2 unsuccessful login attempts. Regular uses will not encounter the CAPTCHA and you’ll still have protection from bots. Win.

2 Likes

You can avoid the CAPTCHA if you set your my.scouting.org account, and thus Scoutbook, to use a Google or Apple ID.

The SUAC has been told the CAPTCHA is not only there to prevent bots. The BSA has no plans to remove or change the CAPTCHA settings.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.