Why we’ve added Google ReCaptcha to WebTranslateIt
By Edouard on April 15, 2021
Hi there!
Just a quick post to announce that we’ve added a Google ReCaptcha on some of our pages. We know it sucks, but just let me explain why we installed Captcha and where, and which version of the Captcha we’ve installed.
Why we’ve added Google ReCaptcha
A few months ago we noticed a huge spike of spammers creating user accounts and spamming other users through the discussions feature. We don’t like people sending spammy e-mails on our behalf, and it didn’t want this to have an impact on our e-mail sending reputation, so we started banning these users, but hundreds of new ones were continuing creating accounts every day!
Since the past 10 years or so we used to use a honeypot (or negative captcha) which was working well, but nowadays it seems robots can figure it out, and some users started to have problems using the pages with the honeypot. As it turns out, new versions of Google Chrome now autofills the fields that are used for the honeypot. We were very reticent to using a solution like Google ReCaptcha, because it is annoying and invades privacy, but the situation left us with very little choice. If you have a better alternative don’t hesitate to let us know!
Where we have implemented Google ReCaptcha
We’ve implemented captcha on 3 pages: the sign up page, to fight against spammy accounts creation, the recover password page, to fight against spammy “I forgot my password” actions, and on the Support Request page, to fight against spammy support requests. The Google Captcha code is only included on these 3 pages. If you are browsing another page, your won’t be tracked by Google’s ReCaptcha servers.
Which version of ReCaptcha we’ve installed
Finally, there are different versions of Captcha. Some of them are a bit intrusive to user’s privacy, others are very intrusive to the user’s privacy. We installed the one with the least implications to our user’s privacy. We use the “v2 I’m not a robot” captcha and it the code is only installed where we absolutely need it (so, as we said, on the sign up, recover password and support request pages).
Again, don’t hesitate to let us know if you have other suggestions to improve this. Unfortunately this came out as a necessity to keep the website running.
How is it going
We’ve implemented Captcha a few months ago now and we thought it would be interesting to share how these protective measure have been working for us. Frankly, it has stopped most of the spammy accounts we created, but not all of it. We’re still surprised that some spammers spend time and money to create accounts on WebTranslateIt for advertising products, although we have very few public pages where these links would be displayed anyway.
So we still have a few spammy accounts getting created each day, and we delete them manually as a daily routine.
With that, thanks for reading!