Pluggable CAPTCHA

2010-05-20T03:13:15
ID ATLASSIAN:JRACLOUD-21359
Type atlassian
Reporter chris@atlassian.com
Modified 2019-04-16T03:49:37

Description

{panel:bgColor=#e7f4fa} NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? [See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-21359]. {panel}

CAPTCHA should be pluggable in JIRA

[CAPTCHA|http://en.wikipedia.org/wiki/CAPTCHA] is supposed to stop spam and other automated nefarious usage of systems.

But there is an arms race of [CAPTCHA breaking|http://www.slightlyshadyseo.com/index.php/xmcps-how-tobasic-captcha-cracking-techniques-part-1/] and then coming up with [new and better CAPTCHA solutions|http://blog.chromosundrift.com/2009/04/google-whats-up-captcha.html].

IN addition, like many others, JIRA's current CAPTCHA can be difficult for humans to read, see JRA-16559 .

So if JIRA had a pluggable CAPTCHA capability, it would be possible for JIRA to more quickly benefit from available advances in CAPTCHA protection without a change to the core product.

(Oswaldo implemented this in shipit day)