Old style Captchas are outdated and easily bypassed with modern AI
Currently leaning towards adding 2FA options for the Web UI in the form of TOTP and GPG-key verification.
One thing that's not an option is linking to managed services like reCaptcha.
Would also like to continue avoiding JS dependency as much as possible, keep guaranteeing that autobuild-web works on browsers with JS disabled, and ideally works exactly the same on browsers with JS disabled
It's been a long while since I've done any serious web dev, so I'm not exactly up to date on the security arms race. Will do some more reading before implementing a solution
Old style Captchas are outdated and easily bypassed with modern AI
Currently leaning towards adding 2FA options for the Web UI in the form of TOTP and GPG-key verification.
One thing that's not an option is linking to managed services like reCaptcha.
Would also like to continue avoiding JS dependency as much as possible, keep guaranteeing that autobuild-web works on browsers with JS disabled, and ideally works exactly the same on browsers with JS disabled
It's been a long while since I've done any serious web dev, so I'm not exactly up to date on the security arms race. Will do some more reading before implementing a solution