Y
Hacker News
new
|
ask
|
show
|
jobs
by
bsza
532 days ago
Unless the page gives you a captcha before the TOTP, which it definitely should.
2 comments
gruez
532 days ago
None of my bank accounts use a login captcha. Presumably they mitigate bruteforcing using lockouts or similar. Even if they use captchas, captcha solving services exist that solve for less than a cent per solve. It's not a huge barrier.
link
dns_snek
532 days ago
Modern captchas only deter humans, bots will pass right through.
link