Captcha useless

Mr. Flibble · Post by **Mr. Flibble** » Sat Aug 15, 2009 10:06 am

Does no one realise that the admin login captcha will do nothing at all to stop a brute force attack? The captcha answer is sent in cleartext in the html!
src="../Captcha.ashx?w=300&h=80&id=065375&sid=1&t=054202"

Can this be fixed please? I suggest you remove "CAPTCHA image on administrator login page to prevent brute force attacks" on the feature page until it is fixed.

Post by **sohaib** » Mon Aug 17, 2009 10:02 pm

That is because you haven't set your encryption key. Once you set the encryption key you will not see the captcha value in clear text.

Mr. Flibble · Post by **Mr. Flibble** » Wed Aug 19, 2009 4:45 pm

OKi doki.

AbleCommerce Shopping Cart Software

Captcha useless

Captcha useless

Re: Captcha useless

Re: Captcha useless