|
|
|
|
|
|
by jcrites
887 days ago
|
|
|
True, but modern CAPTCHA rate limiting is not easily bypassed, and a lot of the solutions are free. Together with cookies, you can show the captcha only to visitors that are not already recognized in some way, giving them a limited number of actions before showing the captcha. And regardless of whether you want one on your password reset page, you almost certainly want one on your login page anyway. |
|
|