- From: Peter Linss <notifications@github.com>
- Date: Sat, 19 Sep 2020 11:24:22 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Saturday, 19 September 2020 18:24:35 UTC
Form submission abuse is a real issue, but the current solution of CAPTCHAs is a horrible and error-prone user experience. CAPTCHAs are an accessibility nightmare, provide an inconsistent UX, leak information to centralized services, and are abused as mechanical turks. The UA knows that a human is driving it, can we provide a better mechanism that allows UAs to automatically prove human action and provide a consistent, accessible UX when needed? One thought, add an `<input type=captcha>` that provides a trust token or the like in form submission. It would have no display, but the first time a form containing it is submitted, the UA can provide a UX to authenticate the user and obtain the token (querying the value from script would also yield the token/trigger the UX). The token could then be stored and auto-submitted in the future without any UX. Authors would need to be able to feature detect and fall back to other CAPTCHA mechanisms when not implemented. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/558
Received on Saturday, 19 September 2020 18:24:35 UTC