Announcement

**djandrew** · 05-09-2009, 10:45 AM

Originally posted by linentablecloth View Post

This has frustrated many of our customer and several of our staff, including our owner who has asked me to remove it (which I just discovered, through reading this post, is not possible). Is there no way to figure out what the problem is here? When I created a support ticket I was simply instructed to clear the browser cache. However, this doesn't make sense when the FIRST time someone tries to login in a session they receive this error. Plus it's just stupid. That's not a solution. That's an excuse. Anyway, that's my two cents.

Worked for me --- but it's not the cache, it's the cookies. The verification code is stored in the session cookie. After you've removed the verification field from the template, then clear all the cookies from your browser, close out the browser and try the form again.

This whole captcha thing is ridiculous -- first of all, no reason to have it be as long as it is. That's just unnecessary. Secondly, even the biggest sites like Amazon don't have captchas -- and they actually store the credit card info!!! There are far better ways to detect & ban unauthorized logins (hackers).

**JustPoppin** · 05-30-2009, 07:52 PM

Originally posted by djandrew View Post

This whole captcha thing is ridiculous -- first of all, no reason to have it be as long as it is. That's just unnecessary. Secondly, even the biggest sites like Amazon don't have captchas -- and they actually store the credit card info!!! There are far better ways to detect & ban unauthorized logins (hackers).

Before I learned about the forums I submitted a ticket asking about getting rid of captcha in some places or at least, using a more reasonable version and I was told the same thing - it HAS to be this way.

But it just dawned on me, these forums use a MUCH more reasonable version of captcha (it comes up when you try to do a search without being logged in) - why not use that if it HAS to be that way?

Seriously, I have yet to run into a captcha version as annoying as the one used in 3dcart. And, being that it's that annoying, we should at least be able to easily disengage it if we want to on non-customer specific areas like reviews where there's already a built in security feature - don't automatically approve. If I don't mind sorting through what comes in, I should be able to make that choice.

**GonzaloGil** · 05-30-2009, 10:09 PM

That's a good suggestion, we can certainly look into giving the option to not have catptcha in pages like reviews. The only reason it was added is because on version 2, we did not have it and our users would get 100's of fake reviews from spambots. We can pass that decision to the store owner if they do want to get spam, its really up to them.

Now as far as ours being extremely hard to use, the one used on this forum, which is made by vbulletin, is much harder (letters are warped and sometimes run into each other), and there are even more complex ones out there. If anything, the one we have is one of the easier ones, its just letters and numbers, no warping, not case sensitive.

Looking around i found this:
http://www.johnmwillis.com/other/top-10-worst-captchas/

Now those are complicated.

**maksum** · 08-15-2009, 07:00 AM

I was going to start a new thread, and maybe I will if the discussion in here has grown cold... but here is my complaint about the captcha...

They need to eliminate characters that can be confused! For as many characters as it is (which I think is a bit excessive but whatever) I don't think there would be any reduction in security at all if they eliminated 0's and o's (zeros and ohs) and 1's and l's (ones and els).

It's quite annoying to fill out a long form, or a message, and have everything clear out because you didn't get the verification correct.

http://forums.3dcart.com/attachment....1&d=1250333939

Know what that is above? Well, if you were to type in a "one" you'd be re-composing your message, or filling out your form again.

That's my 2 cents.

Attached Files

3dc_verify.gif (6.9 KB, 31 views)

**Bill** · 08-15-2009, 11:08 AM

I would also be interested in removing the captcha. Just another step for my customers to have to deal with.

I don't see any reason for it. The information the customer provides can be found in a phone book. As someone has pointed out earlier, my online banking, credit cards, phone company and yes even the login to 3DCart doesn't have one.

My business is very competitive. If the customer gets frustrated they will simply move on.

If someone has a workaround for this and doesn't want to post, please pm me.

**Mark** · 08-15-2009, 11:54 AM

I would like it to be just one font. Arial for example. Not sure if that was changed or not, but, that would certainly help.
We have some php software with captcha, or something like it, and it is totally configurable. You can set it to alpha or numeric or both, can change the number of characters to display and even the level of distortion/shading that is used. Works nicely. Just a sugesstion.

**Bill** · 08-15-2009, 12:17 PM

Originally posted by Mark View Post

I would like it to be just one font. Arial for example. Not sure if that was changed or not, but, that would certainly help.
We have some php software with captcha, or something like it, and it is totally configurable. You can set it to alpha or numeric or both, can change the number of characters to display and even the level of distortion/shading that is used. Works nicely. Just a sugesstion.

Mark,

I noticed your site doesn't have a captcha in the My Account page. Did you do this yourself or is it from the older version?

**Mark** · 08-15-2009, 06:38 PM

must be the older version.

**cekman** · 08-15-2009, 07:35 PM

Not sure if your customers are having trouble with Captcha or not?

They may not be letting you know.

But if you view the details of their orders (at least on incomplete orders) there is a section called Error Messages

If you see an Erron Login or Verifcation Error (forget the exact wording) you can bet it was because of the captcha.

I tried to log on the other day as my test customer to try something and it took me THREE times to get the captcha right.

I SO don't get 3DCarts argument that this HAS to be this way - if they thought it was so important we would all be using Captcha to sign into our admin accounts.

Captcha is a GREAT tool for preventing spam - but not for logging into accounts - that's why we have passwords.

Captcha is designed to prevent automatic fill in of forms - I LOVE it for this.

I find it so ironic that my site has Captcha on the account login page - but NOT on the Contact Us page. THAT is where the spam comes from.

The only thing bad that could happen if somone hacked into a users account is that they might use their reward points. But no financial information is stored there.

Please 3DCart - remove the Captcha from the account page and PLEASE put it on my Contact us page.

It was a great first step that they incorporated this technology into the cart - we just need to make it user friendly. So many of my customers are older women with eyesight issues.

In this market anything at all that makes it difficult for a customer to purchase from my store will send them elsewhere. It really is a matter of revenue.

I hope this can be resolved soon.

My advice - use passwords to prevent access to personal information - use Captcha on forms that might cause SPAM.

**Bill** · 08-15-2009, 07:50 PM

Originally posted by cekman View Post

Not sure if your customers are having trouble with Captcha or not?

They may not be letting you know.

But if you view the details of their orders (at least on incomplete orders) there is a section called Error Messages

If you see an Erron Login or Verifcation Error (forget the exact wording) you can bet it was because of the captcha.

I tried to log on the other day as my test customer to try something and it took me THREE times to get the captcha right.

I SO don't get 3DCarts argument that this HAS to be this way - if they thought it was so important we would all be using Captcha to sign into our admin accounts.

Captcha is a GREAT tool for preventing spam - but not for logging into accounts - that's why we have passwords.

Captcha is designed to prevent automatic fill in of forms - I LOVE it for this.

I find it so ironic that my site has Captcha on the account login page - but NOT on the Contact Us page. THAT is where the spam comes from.

The only thing bad that could happen if somone hacked into a users account is that they might use their reward points. But no financial information is stored there.

Please 3DCart - remove the Captcha from the account page and PLEASE put it on my Contact us page.

It was a great first step that they incorporated this technology into the cart - we just need to make it user friendly. So many of my customers are older women with eyesight issues.

In this market anything at all that makes it difficult for a customer to purchase from my store will send them elsewhere. It really is a matter of revenue.

I hope this can be resolved soon.

My advice - use passwords to prevent access to personal information - use Captcha on forms that might cause SPAM.

Well said Ditto!

**Mark** · 08-15-2009, 08:28 PM

The captcha is NOT required to make a purchase and checkout, right?
It's only required for logining in to a previous purchase, right?

**cekman** · 08-15-2009, 09:31 PM

Originally posted by Mark View Post

The captcha is NOT required to make a purchase and checkout, right?
It's only required for logining in to a previous purchase, right?

You may be right - if they know their password and put it in at the time of checkout then it may be ok.

I've been instructin my customers to log into their accounts prior to completing their purcase in order to receive reward points. Is this not needed?

If they want to see their account history, wish list, redeem points etc. then I know they have to log in with Captcha.

Maybe someone else can verify that logging in isn't actually required - but is 'automatic' to complete a purchase.

**cekman** · 08-15-2009, 09:32 PM

Found the actual error message you can look for to see if customers are having trouble logging in. It's

Incorrect Verification Word

I think that's the right error message.

I just found this on yet another order I was 'checking out'.

**Bill** · 08-15-2009, 09:44 PM

A Customer must log-in before making a purchase to reap the benefits of the reward points program. That's where the captcha problem comes into play. We've only been live here for a few days and have had several calls from customers that we migrated over from the other store. They don't like it. I've had problems myself logging in using the captcha. If I were a new customer, I'd just leave.

**Mark** · 08-15-2009, 10:24 PM

Apparently, the bot can "read" or OCR the "images" and sign in. That's why the captchas have to be difficult to read. Just how to bots OCR? Is that really possible?
Wow. That's pretty good technology.
In any event, it need to be configurable to some degree.

Announcement

Removing verification / captcha on MyAccount page

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment