I have noticed that some CAPTCHA pages, like Cloudflare’s, simply ask you to check a box to proceed. There is no clicking on traffic lights or entering characters. How does clicking on a check box tell them I am not a robot?

  • stoy
    link
    fedilink
    arrow-up
    5
    ·
    10 months ago

    I remember a talk about this I watched on YT about this, but I can’t find it now.

    But the way it was described to work was that it looked at how you interacted with the page, how you mouse pointer moved, if it moves too straight between interactive points, how randomly it moves, if you are entering text in a field, how slow are you and do you make mistakes, how do you correct those?

    Then when you click the tickbox it decides based on all those factors if you are human or if you are a bot.

    Those captcha checks on a blank page are probably checking mouse movements, IP, User Agent and more stuff like that to determine it more checks are needed, though it might even be a fake captcha to act like a loading screen