Closed
Bug 1126784
Opened 10 years ago
Closed 5 years ago
[spam] Add a CAPTCHA to article edit form for new editors
Categories
(developer.mozilla.org Graveyard :: General, enhancement)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: hoosteeno, Unassigned)
Details
User Story
User Stories: * An administrator can set a waffle flag requiring users who have fewer than 10 revisions to enter a reCAPTCHA when creating or editing a page * A user who creates or edits a page when this flag is true will have to enter a reCAPTCHA before their submission will be accepted
In a thread about MDN's spam problem on the dev-webdev list[0], several webdevs suggested using a CAPTCHA to prevent bots from overrunning the site. I pointed out that CAPTCHAs are frequently cited as accessibility blockers, but it sounds like Google's new reCAPTCHA is much more friendly to keyboard users and assistive tech users. In particular, one of Mozilla's accessibility evangelists said it would be a reasonable addition to MDN[0], citing an article about its accessibility features written by accessibility experts[1].
Considering this, I suggest we implement CAPTCHAs only for new editors. I think we could do this in a variety of ways, but here are two I submit to spark conversation[2]:
1) We could implement a CAPTCHA on the profile create form
2) We could implement a CAPTCHA on the article submission form if someone has less than X revisions total (where X is, say, 10).
3) Or both!
I prefer #2.
[0] https://groups.google.com/forum/#!topic/mozilla.dev.webdev/amdnED-LL8Q
[1] http://simplyaccessible.com/article/googles-no-captcha/
[2] https://medium.com/@ienjoy/mcdonalds-theory-9216e1c9da7d
|
||
Comment 1•10 years ago
|
||
Option 3) is obviously useless: if the spammer can go through the captcha at account creation, he would go through the captcha in case 2.
If we do this, we have to be sure to have metrics in place to measure the lost of valid contributors and contributions this leads to. (And decrease this from any goal we could have wrt these metrics).
What is the efficiency of the proposed CAPTCHA?
Also note that Transport for London was using Google reCAPTCHA last week and I had to call their support, their Web site was no more allowing me to go in as the reCAPTCHA changed without noticed. What are the risks there?
Flags: needinfo?(hoosteeno)
|
||
Comment 2•10 years ago
|
||
Note: we can implement this with a waffle feature flag to:
1. Roll it out gradually
and/or
2. Only enable it if/when we see spam bot spikes
|
|
||
Comment 3•10 years ago
|
||
I like the waffle thing.
|
Reporter | |
Updated•10 years ago
|
User Story: (updated)
Flags: needinfo?(hoosteeno)
|
||
Comment 4•5 years ago
|
||
MDN Web Docs' bug reporting has now moved to GitHub. From now on, please file content bugs at https://github.com/mdn/sprints/issues/ and platform bugs at https://github.com/mdn/kuma/issues/.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WONTFIX
|
|
||
Updated•5 years ago
|
Product: developer.mozilla.org → developer.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•