Page MenuHomePhabricator
Create Task
Maniphest T289607

<Security Initiative> Improving Captcha
Closed, InvalidPublic10 Estimated Story Points
Actions

Description

See FY2024-25 WE4.2.3 CAPTCHA evaluation framework instead.

Old previous content of the task description:

Request Status: Discovery Phase by Platform PM
Request Type: research

Request Title: Improve Captchas

  • Request Description: For several years, we have discussed improvements or alternatives to Fancy Captcha in order to decrease bots getting past the captcha and to also have a more inclusive captcha experience for users (ex: captcha being in all capital letters for those not familiar with English alphabet in lower case). This ticket is to review what are realistic solutions that address both our inclusivity and security needs.
  • Indicate Priority Level: Medium
  • Main Requestors: Security
  • Ideal Delivery Date: N/A
  • Stakeholders: Trust & Safety, community, front-end teams, PET

Request Documentation

Document TypeRequired?Document/Link
Related PHAB TicketsYesT250227: Investigate and evaluate hCaptcha to replace Wikimedia's Fancy Captcha, T6845: CAPTCHA doesn't work for people with visual impairments
Product One PagerYes<add link here>
Product Requirements Document (PRD)Yeshttps://docs.google.com/document/d/12vl4vCZivUvZWJ0yW_OWAh_AwxjrLfKzGu-RjOtRllE/edit#heading=h.5i20fdfevq7o
Product RoadmapYes<add link here>
Product Planning/Business CaseNo<add link here>
Product BriefNo<add link here>
Other LinksNo<add links here>

Related Objects
Search...

Event Timeline

DAbad created this task.Aug 24 2021, 6:04 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 24 2021, 6:04 PM
DAbad triaged this task as Medium priority.Aug 24 2021, 6:05 PM
DAbad moved this task from Investigate to Work In Progress on the Foundational Technology Requests board.
DAbad moved this task from Work In Progress to Investigate on the Foundational Technology Requests board.
DAbad set the point value for this task to 10.
Peachey88 subscribed.Aug 25 2021, 12:50 AM
DAbad changed the task status from Open to Stalled.Oct 14 2021, 3:13 PM
DAbad raised the priority of this task from Medium to High.
DAbad moved this task from Investigate to Ready/Groomed on the Foundational Technology Requests board.

Currently the Product teams are taking the following steps:

  • Discovery to scope the problem statement from a product perspective and drafting high level product requirements
  • Determining how to better instrument data from current captchas, to help inform decisions around what to do with captcha generally
DAbad updated the task description. (Show Details)Oct 14 2021, 3:14 PM
Aklapper updated the task description. (Show Details)Oct 14 2021, 4:20 PM
Aklapper added a comment.Oct 14 2021, 4:22 PM

@DAbad: Would T250227: Investigate and evaluate hCaptcha to replace Wikimedia's Fancy Captcha be a parent or subtask of this task? If it is, feel free to set that semantic connection via Edit Related Tasks.... Thanks!

kolbert subscribed.Oct 15 2021, 8:44 AM
DAbad added a comment.Oct 27 2021, 8:12 PM

Created PRD to capture captcha requirements from Petr and Desiree: https://docs.google.com/document/d/12vl4vCZivUvZWJ0yW_OWAh_AwxjrLfKzGu-RjOtRllE/edit#heading=h.5i20fdfevq7o

DAbad added a comment.Oct 27 2021, 8:13 PM

John B. to send aggregated report from security perspective

JBennett subscribed.Oct 27 2021, 8:20 PM

More documentation

In T289607#7462995, @DAbad wrote:

John B. to send aggregated report from security perspective

Looks like it's already referenced at the bottom of the PRD.

DAbad updated the task description. (Show Details)Nov 3 2021, 6:02 PM
DAbad lowered the priority of this task from High to Medium.Nov 30 2021, 8:23 PM
DAbad moved this task from Ready/Groomed to Parking Lot (Reviewed but Not Prioritized) on the Foundational Technology Requests board.

Technology Steering Committee Meeting on November 10, 2021:

  • Recapped our discussion with Legal and Security on next steps for Captcha where we agreed that we need to have a dedicated team supporting this type of work.
  • As agreed during steering committee, we will move this to the Parking lot for now and focus on what resources we need to support this and similar work for security.
DAbad added a subtask: T250227: Investigate and evaluate hCaptcha to replace Wikimedia's Fancy Captcha.Dec 2 2021, 4:23 PM
DAbad renamed this task from <Research> Improving Captcha to <Security Initiative> Improving Captcha.Dec 8 2021, 9:29 PM
Tgr subscribed.Dec 23 2021, 8:12 PM
kostajh subscribed.Jan 6 2022, 1:23 PM
kostajh updated the task description. (Show Details)Jan 10 2022, 9:20 AM
DAbad added a subtask: T6845: CAPTCHA doesn't work for people with visual impairments.Jan 10 2022, 2:37 PM
Diskdance added a subtask: T333770: Evaluate Cloudflare Turnstile as alternative to FancyCaptcha at Wikimedia.Apr 2 2023, 3:34 PM
Aklapper removed DAbad as the assignee of this task.Apr 29 2024, 7:35 AM

Removing inactive task assignee. (Please do so as part of offboarding - thanks.)

Aklapper added a project: FY2024-25 WE4.2.3 CAPTCHA evaluation framework.Sep 16 2024, 8:53 AM
Aklapper removed subscribers: JBennett, DAbad.
Reedy mentioned this in T378188: Implement secure enclave mode for hCaptcha.Oct 25 2024, 2:42 PM
Reedy mentioned this in T378194: hCaptcha: Implement no captcha mode (API/no js usage).Oct 25 2024, 4:28 PM
kostajh changed the status of subtask T250227: Investigate and evaluate hCaptcha to replace Wikimedia's Fancy Captcha from Open to In Progress.Nov 28 2024, 8:36 AM
RhinosF1 subscribed.Sun, Jan 5, 6:23 PM
Aklapper closed this task as Invalid.Tue, Jan 7, 6:13 PM
Aklapper updated the task description. (Show Details)
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits