| A couple of years ago, a web site I was using at the time started to use a relatively obscure service that appeared to inspect or fingerprint the user agent in various ways, as well as tracking browsing activity, in order to determine if the user should be locked out of the site until a captcha was completed. Although I suspect it was supposed to be transparent, it still ended up being a disaster for many of the users, especially the non-technical ones. The web site's support forum was full of complaints from what seemed to be legitimate, long-time users and customers. Even benign and reasonable user agent variations from the "norm" seemed to cause problems for this particular system. For example, I recall a default Chrome installation working well enough, but adjusting its configuration to harden its security or privacy seemed to confuse the web site's blocking system. In my case, I had to keep around and use a dedicated ancient browser installation, since newer ones seemed to trigger repeated challenges for some reason I could never figure out. The challenge page even had a report-a-problem form, but I don't know if anyone or anything actually considered the submissions. Even the web site's administrators seemed to have trouble figuring out why legitimate users were getting flagged repeatedly by this system they were using. I ended up just not using that web site any longer. The hassle wasn't worth it. |