ReCaptcha extremly slow fading

[exocode]

hi there,

since some months (as I remember it is maybe July) the recaptcha fades aout and reappears veeeery slow. And if I solved it, it means that I solved it wrong. I dont know how many forms I had to re-fill-out because of that. That's the reason why I open this issue.

I found out, that this mostly happens in Google's Chrome itself. When I try to solve the ReCaptcha in Safari, it works blazingly fast. I deactivated every Extension but that wont solve my slow Recaptchas.

Any ideas how to get rid of that annoying and disappointing issue? (Version 69.0.3497.100 (Offizieller Build) (64-Bit) on a Mac (10.13.6 (17G65))

many thanks in advance

(you can see it here in action: https://drive.google.com/file/d/18EzfmS-synbS6YKEVmV5Wf2yIGBVh1Ee/view?usp=sharing )

[vertigo220]

This has been an ongoing issue for me for at least several months as well. And as if it's not bad enough, oftentimes one or two of the images will be matches five or six times in a row, meaning I have to click, wait ~5 seconds for the new image to load, click, wait, click, wait, click, wait. It gets old, especially when I do all this and it just loads a whole new recaptcha, over and over. I have literally (yes, literally) spent 10+ minutes trying to get a recaptcha to work, probably on at least a couple occasions, and it typically takes at least a few minutes. It's beyond ridiculous.

[gingerbeardman]

I have also seen this around.

Net result is the browser running so slow it's impossible to interact with either the captcha or underlying page.

Console log shows that it is related to CSP implementation not being right for Safari?

Using: Safari on macOS 10.13.6 (17G3025)

Two related bug reports:

• in use on a website https://github.com/simon987/od-database/issues/5
• in an Electron app https://github.com/itchio/itch/issues/2156

[theshopeac]

I enter sweepstakes online. It is NOT your browser unless you can't connect to recaptcha at all. On one particular site I frequent that puts on about 65 sweepstakes of their own, the first ten or so I enter are either just a checkmark or single recaptchas, then they go to two recaptchas, then the next sweeps may have three, then four, then the fading ones. There have been times I have had to solve was many as eight!!!! And I have an account with this site!!! It is extremely annoying to have to prove over and over that I am not a robot. It is just a ploy to slow you down.

[TimGoll]

I have the same problem but it is not related to chrome for me. It's related to my google account across all devices. So annoying.

And it's that way since at least 6 months. If not even longer.

[vertigo220]

I didn't mention it before, but for me the problem is mostly with Waterfox. It works fine for me in Chrome, which simply makes me wonder if (and frankly believe) it's because Google intentionally makes it less functional in other browsers. It wouldn't be the only instance of anti-competitive behavior from them. After all, just look at the recent accusation (which I wholly believe) from someone from the MS Edge team claiming Google intentionally keeps changing stuff to cause their services to not work as well in other browsers. It's certainly something I've been noticing for a long time.

Anyways, I've completely given up on the picture captchas, and have found the audio ones work significantly better. I hesitate to even mention that, because I don't want to point it out to Google so they can break that, too, but anyone having issues with the ReCaptcha system should try that. And a hint: you don't have to type all the words it says, just one of them.

[gingerbeardman]

After reporting my bug above (I think talking to a brick wall) I emailed support@recaptcha.net and the Safari issue was fixed promptly. Good luck to the rest of you.

[gingerbeardman]

@Noiwex you know recaptcha 3 doesn't involve any typing or image clicking?

[TimGoll]

Recaptcha3 is without image clicking? Then every site seems to use recaptcha2

[gingerbeardman]

@TimGoll recaptcha v3 is new, so sites need to opt-in to using it instead of v1 or v2

"Introducing reCAPTCHA v3" https://www.youtube.com/watch?v=tbvxFW4UJdU

[gingerbeardman]

@Noiwex I have no idea what you are talking about

[vertigo220]

I hate to be cynical, but that's my concern as well. If R2 works so poorly and is manual, with R3 being automatic, if it also works poorly, just behind the scenes instead, it might make it even harder to prove you're a human. Google needs to make it reliable and consistent before taking away any possibility of being able to work around it when it doesn't work. Not to mention that in my experience, when software makes automatic decisions, it's often wrong. Add to that how often I'm not even able to do a recaptcha because it gives me an error saying it's detected suspicious activity and thinks I'm a bot (what the hell is the point of a system that's meant to determine bot from human if it just assumes you're a bot and therefore doesn't even let you do the challenge, and yes, this happens all the time), and I expect R3 to be very problematic. Furthermore, R3 looks very much to me like tracking, as it appears to work by monitoring how a user/bot moves throughout a site, where they go, what they do, which gives Google a very powerful means to track a user across the Internet. At least with R1/2 it was only on certain pages, but R3 will be everywhere from the looks of it, and can't be blocked, otherwise the web will break. I suspect that, like so many things, people will welcome it because it makes things easier only to find years later it's a massive privacy breach.

[TimGoll]

@gingerbeardman he taslks about v2. v2 sometimes lets you solve puzzle after puzzle because it thinks you are a bot. and if v3 doesn't offer any possibility to verify that you aren't a bot it is only going to get worse

[gingerbeardman]

Why worry about something that hasn't happened yet?

Come back here if v3 fails, until then... live a little 👍

[TimGoll]

I get you. But I'm so annoyed of v2 that I don't have much hope for v3

[gingerbeardman]

You are literally wasting your life... on this?

[TimGoll]

It was you that started the diskussion. I'm wasting my time on slow fading images when I want to create an account on a new website.

[vertigo220]

So wait until many sites become unusable and then worry about it?? For those of use that recaptcha doesn't work properly, we waste our lives, so to speak, in trying to get sites to work. So it's perfectly reasonable for us to worry about things only getting worse. If it works for you, then good for you, but it doesn't work for everyone. And when it goes from a "mere" waste of time to flat-out not being able to use sites, that's going to be a real issue. So it's not only reasonable to worry about it now, but it would be downright foolish to wait until the Internet becomes restricted to worry.

[gingerbeardman]

Send an email, like I did above.

/unsubscribes

[Poilaucul]

Dear google, you're doing more arm to legit humain than bots. Please fix this, this is not a feature this should be considered as an annoying bug, it's getting in the way of users posting on the internet. This render sites where users post a lot unusable. At least correct it so we can identify the pictures without having to wait 5 seconds for each....

[Enerccio]

Seriously v2 is utterly worst thing that has happened to the internet. Ever. Nothing feels as shitty as solving shitty slow fading puzzles (audio doesn't work at all) then get hit by timeout on account login and do it again. NOTHING. How it will work in V3? Sure I won't get any prompt but I won't be able to log in either then. There are literally sites that won't get my business because of recaptcha.

[vertigo220]

There are literally sites that won't get my business because of recaptcha.

And this is why I see this as an antitrust issue, due to the fact Google's products (Chrome and websites) are significantly less affected by these problems, likely intentionally. Unfortunately, even if Congress were to ever get their hands out of corporate pockets and do their jobs, including enforcing antitrust laws, it would likely still be difficult to do anything about this in that regard, since it's up to the companies to use it or not and isn't being forced on them by Google. Still, they undoubtedly don't realize the issue (though I've pointed it out to one or two sites, and they didn't care...), and maybe just the fact the problem exists in overwhelming disproportion with non-Google products vs Google ones, especially if it can be proven to be intentional, will be enough.

[edowado]

this is one of those things that ruins the internet

[vertigo220]

Just did some more digging into this after spending a few minutes on a captcha (something I find myself doing several times a week) only to have it ask if I'm sure I'm human (umm, pretty sure..?). I remembered reading something the other day about captchas using cookies to tell if you're human or not (presumably by tracking you, since that's what many/most cookies do, then recognizing your browsing habits as being human-like or not) and thought I'd see if I could create fake cookies. A bit of searching led me to issues #155 and #296 which, while not directly related to this issue, certainly seem to contribute, since it's one thing to have the tiles fade in and out slowly, but quite another when compounded with Google's idiotic system requiring you to do one after another after another, ad nauseam. So for those of you struggling, hopefully looking into those issues will help some. It certainly explains why the problem seems so much worse in Waterfox, since I block 3rd party cookies and block Google everywhere except on their domains, with a few exceptions, including the recaptcha URLs.

Also, a while after mentioning before that the audio ones are easier, they started failing a LOT more, with the message that "Your computer or network may be sending automated queries. To protect our users, we can't process your request right now." Maybe just coincidence, but I wouldn't put it past them to have changed something to make it harder. It really seems to me they're making it all but impossible to use the web without allowing them to track you. So I'm going to do some testing with cookies and, once I confirm that's the issue, I'll be filing a complaint with the FTC. Just so sick of wasting so much time because of this BS.

[zroug]

Also in Firefox, when you enable privacy.resistFingerprinting to improve your privacy, you can be certain to get extremely slow fading capatchas and it is next to impossible to solve them. This is locking out privacy focused people from large parts of the Internet and not a good thing.

Regarding the slow fading: I think it is totally unnecessary. It really doesn't matter much if an automated script takes a few seconds longer but for a human it is plain and simple annoying.

[matteopey]

Hello, lately I've been struggled with reCaptcha so I decided to test various configuration of Firefox with different extensions and settings. All tests are done after deleting cookies and restarting browser (I left enabled the option to delete cookies on close).

I used the reCaptcha that you see in Disqus login page.

System: Windows 10, Firefox 66.

Explaination:

• Extension name in bold means DISABLED.
• Setting in bold: changed from previous config.
• The n in "nx" represent the times I had to click on images.
• The FAIL means that reCaptcha says "Retry".

Configuration	Actions made before completion
Extensions: Decentraleyes No Coin DuckDuckGo Privacy Essentials Privacy Badger Tracking Token Stripper Preferences: Content blocking: restrictive, no exceptions Do Not Track: always privacy.resistFingerprinting: true	Semaphores-Semaphores-Bycicles-Hydrants-Crossings FAIL-Shops(SLOW FADE 9x)
Extensions: Decentraleyes No Coin DuckDuckGo Privacy Essentials Privacy Badger Tracking Token Stripper Preferences: Content blocking: restrictive, no exceptions Do Not Track: always privacy.resistFingerprinting: true	Bus (SLOW FADE 4x) FAIL-Hydrants-Hydrants-Crossings-Hydrants-Bycicles-FAIL- Crossings-Bycicles-Bycicles-Taxi-Semaphores FAIL - Hydrants (SLOW FADE 5x)
Extensions: Decentraleyes No Coin DuckDuckGo Privacy Essentials Privacy Badger Tracking Token Stripper Preferences: Content blocking: restrictive, no exceptions Do Not Track: always privacy.resistFingerprinting: true	Shops (SLOW FADE 6x) FAIL-Bus-Bus-Crossings-Semaphores-Bycicles
Extensions: Decentraleyes No Coin DuckDuckGo Privacy Essentials Privacy Badger Tracking Token Stripper Preferences: Content blocking: restrictive, no exceptions Do Not Track: always privacy.resistFingerprinting: true	Cars-Hydrants (SLOW FADE 4x)
Extensions: Decentraleyes No Coin DuckDuckGo Privacy Essentials Privacy Badger Tracking Token Stripper Preferences: Content blocking: restrictive, no exceptions Do Not Track: always privacy.resistFingerprinting: true	Semaphores-Vehicles-Bycicles (SLOW FADE 4x)
Extensions: Decentraleyes No Coin DuckDuckGo Privacy Essentials Privacy Badger Tracking Token Stripper Preferences: Content blocking: restrictive, no exceptions Do Not Track: always privacy.resistFingerprinting: false	Hydrants (FAST FADE 10x)
Extensions: Decentraleyes No Coin DuckDuckGo Privacy Essentials Privacy Badger Tracking Token Stripper Preferences: Content blocking: normal Do Not Track: always privacy.resistFingerprinting: false	Bridge-Semaphores

So as you can see extensions have an impact, but disabling the Firefox privacy features make a huge difference.

If you don't want the slow fade you really need to set privacy.resistFingerprinting to false.

[vertigo220]

While rF no doubt has an impact, I can tell you that having it set to false isn't the (only) answer. I've always had mine set to false, since it causes other issues that I didn't want to deal with, and yet I've had this problem for a long time. I don't want to post yet regarding the results of my own testing regarding cookies, as it hasn't been long enough, but so far there seems to be a major difference. Right after changing the settings, a reCaptcha that was being very problematic allowed me through very quickly, and I've only seen a couple others since and one I had to do more than the first, but far less than typical, and IIRC it also slow-faded, but the most recent one the slow fading was gone and it worked quickly. So it's too small a sample size to call at this point, but it definitely appears that cookies play a huge role. I wouldn't be at all surprised if, after I verify things are much better, I were to enable rF only to find things go downhill again. It's probably a combination of those two things and maybe a bunch of smaller things, but cookies (and probably rF) seem to have the biggest impact.

BTW, your fifth test should have rF bolded, since it's disabled (set to false).

[matteopey]

It was actually a mistake on the fifth test, now fixed. Yeah definitely if you consider cookies things change, but I wanted to see what happens without them in "clean" conditions.

[devnaelson]

Same problem, login and ajax.

[ildoc]

So as you can see extensions have an impact, but disabling the Firefox privacy features make a huge difference.

If you don't want the slow fade you really need to set privacy.resistFingerprinting to false.

yeah, but I'd rather not giving up my privacy just to have recaptcha working on firefox...

since there's no issues using chrome, seems like recaptcha is broken by design just on firefox because of the higher attention to users privacy

[grahamperrin]

I most often use home-built Waterfox Classic 2019.10 (20191103135811) on FreeBSD-CURRENT. Rarely encounter reCAPTCHA.

AFAICT the slow fades occur only if I recently failed a challenge. I noticed this recently in a different Browser at https://secure.diigo.com/sign-in where it's easy to click the wrong button (a blue button that is not VERIFY). Slow fades are:

• appropriate in this situation.

no issues using chrome,

I can get slowness in Chromium.

[Enerccio]

I most often use home-built Waterfox Classic 2019.10 (20191103135811) on FreeBSD-CURRENT. Rarely encounter reCAPTCHA.

AFAICT the slow fades occur only if I recently failed a challenge. I noticed this recently in a different Browser at https://secure.diigo.com/sign-in where it's easy to click the wrong button (a blue button that is not VERIFY). Slow fades are:

* appropriate in this situation.

no issues using chrome,

I can get slowness in Chromium.

How is it appropriate if you fail? I fail recaptcha regularly because google is retarded or captcha is ambiguous.

[ildoc]

How is it appropriate if you fail? I fail recaptcha regularly because google is retarded or captcha is ambiguous.

or just if you aren't using chrome

[grahamperrin]

How is it appropriate if you fail?

The more often that something or someone fails a human-oriented challenge, the greater the likelihood that it's failure of a thing (a machine, not a human).

[vertigo220]

I just had this happen in the GOG Galaxy client, not to mention I now have much faster internet, ruling out the possibility that it's due to Firefox (and it's setup/addons/etc) and/or slow internet. And not only did it do the slow fading, but it failed and required me to do it again despite doing it perfectly. I am now 100% convinced it's simply a POS, whether by design to make it more difficult for bots, which would be completely idiotic, or to make it work poorly in anything other than Chrome, which I wouldn't doubt for a second, or due to incompetence, which would be easy to believe based on the general degradation of Google's products. Frankly, I wouldn't be surprised if it's a bit of all three, but I think it's mostly #2 (anti-competitive) with a good dose of #3 (incompetence).

[vertigo220]

Thanks. Edited.

[nuenuewei]

The more often that something or someone fails a human-oriented challenge, the greater the likelihood that it's failure of a thing (a machine, not a human).

The problem being, "guess which of these ten fragments of a stoplight count as a stoplight according to an AI" or, "guess which of these RVs did an AI decide was actually a bus," "does this version of the AI consider SUVs 'cars'," and "did the AI decide this series of parking spaces was a crosswalk?" are NOT human-oriented challenges. The most accurate answer to the question, the one an honest human trying to get the challenge correct would give, is often not the correct answer. It doesn't follow any consistent rules or logic either, you can't "learn" to answer better. Sometimes tagging that square with only one little tiny corner of the target object fails you, sometimes NOT tagging it fails you!

The result could be described as systematic mental abuse and gaslighting. It's abhorrent on a psychological level.

[vertigo220]

Sometimes tagging that square with only one little tiny corner of the target object fails you, sometimes NOT tagging it fails you!

That's the thing I hate the most about these, aside from the slowness and constant failing. If a traffic light/motorcycle/bicycle/etc is 90-95% within one or more squares and sticks just ever so slightly into another, does that one count? Sometimes I select it, sometimes I don't and, as you said, there doesn't seem to be a right answer.

I'm not sure, though, if they're AI-driven. I always assumed they were set up by humans, who tag the pictures and squares as to what they contain, which then allows the captcha system to know and match that against users' answers.

[ildoc]

Recaptcha is training us to train it correctly 😂😂😂

[vertigo220]

True. I guess I figured it would make more sense to train based on having the AI learn from human responses correlated with human tags, but now that I think of it, it does seem more likely their end is entirely AI-based.

[franksouza183]

the basic premise of any captcha is to stop bots, not humans, since it is also taking down humans, it is clearly failing. The most hilarious thing is that google's "geniuses" decided to put a bot to decide who is human. More stupid than the one who created this piece of garbage, is the one who adopts it on his website.

[rowan-m]

This repo is for issues with the PHP client.

[breakline87]

Google is a garbage company, I don't expect anything quality from them.

[grahamperrin]

https://github.com/google/recaptcha/issues/268#issuecomment-586641699

... there doesn't seem to be a right answer.

If you design a CAPTCHA to have a right answer for everything: the predictability will enable bots to trample over the design.

[aggregate1166877]

Within my own home network I can reproduce it consistently when my wifi signal is low, in both Windows and Ubuntu Linux. The moment my signal is good, the recaptcha works. This becomes a real problem on my wifi-connected gaming desktop machine, which I can't simply move to the living room every time (it's tightly tucked into a corner and weighs around 30 pounds).

[Bexin3]

Looks like this issue is back for me, I guess to combat AI but it makes google almost unusable, having to wait 5 seconds for images to fade in and out is frankly too much

[ghost]

Google is a garbage company, I don't expect anything quality from them.

It is a slime mold

This repo is for issues with the PHP client.

Alien 1: Hey, man, Abductions just follows the acquisition order. Alien 2: Don't put this on Acquisitions! We only acquire humans that haven't been simulated! Alien 3: Well, Simulations doesn't simulate anybody that's been abducted, so--- Alien 0: Oh, I see! Oh, oh! It was no one's fault. Oh, okay. I'm sorry. Well, then, problem solved. Oh, wait no. shouts There's still another human in here! Who is he?

[vertigo220]

I haven't been keeping very good track, unfortunately, but over the past few years, on a couple different computers and with wildly varying speed and quality internet connections and with various browsers (mostly Vivaldi then Brave, have all but given up on Firefox as it's sadly gone so far downhill), I'm still having issues with captchas. I'm somewhat surprised I still have as much issues as I do despite using Brave, though it may very well be due to its built-in blocking, and they do seem less frequent. One big change I've made is how I deal with captchas. If they present as the type where I have to select the boxes that contain part of an object, I don't even bother. I just refresh over and over until either I get one with separate images in each box, or I refresh several times without getting that, in which case I just close the tab and try again. I'm just done playing their games and jumping through their hoops. And if the images load slow, especially if they keep going and going, I'll just hit submit while it's still loading, which will cause it to fail, and then usually close the tab and retry. I just refuse to keep going and going. I often feel like it's a psychology experiment to see just how long people will continue.

On another note, while I'm not a fan of Epic Games in general, and it aggravates me immensely that they force you to do captchas just to "buy" games (i.e. claim the giveaways), I have to say their captchas are well-done. They're easy, fast, and if you do what it asks you'll always pass. And they actually seem like they'd be harder for bots to do successfully, though that' shard to say since I don't know enough about that to say for sure. Google should really take a look at them to see a good implementation.