Captcha on Login

[Dark0ne]

The Google captcha works off Google's database. If your IP changes regularly and you clear your cookies at the end of your browsing session, or you use a VPN and you clear all cookies at the end of a browsing session, Google isn't going to have any information on you and you'll be asked to do a Captcha challenge each time you login to the site. If you don't like the idea of Google having any information at all on you (even anonymised, as it is) then you have two options: do the captcha each time you login, or completely block Google Captcha on your system and you will be presented with a different Captcha option entirely. The backup captcha will show on every login, whereas Google's Invisible reCaptcha system will check their database to see if you're legit which means that 95% of users on the site will never see a captcha screen at all.

 

The Nexus login cookie has a very long expiration time on it so that, once you're successfully logged in, you should remain logged in for a long time and ergo not have to (potentially) do the captcha again for a long time either. However, if you delete the Nexus cookie each time you close your browser, or clear all your cookies manually from time to time, then you'll be logged out. Cookies are used to keep you logged in to sites across multiple visits and across a wide range of time. If you delete them, that's your prerogative, but the consequence is that you will likely have to do the login captcha again.

[axonis]

Confirmed: I use EFF's Privacy Badger to block Google (and any other tracking site) from Nexusmods and I don't get Google's recaptcha but the Nexus captcha which doesn't require consent to Google's terms and it's much easier to fill.

 

As a user I'd rather give up some convenience for privacy but as a mod author I'm taking the necessary steps to make sure users can download my mods without consenting to any unrelated party's terms.

[sLoPpYdOtBiGhOlE]

snip...

 

The Nexus login cookie has a very long expiration time on it so that, once you're successfully logged in, you should remain logged in for a long time and ergo not have to (potentially) do the captcha again for a long time either. However, if you delete the Nexus cookie each time you close your browser, or clear all your cookies manually from time to time, then you'll be logged out. Cookies are used to keep you logged in to sites across multiple visits and across a wide range of time. If you delete them, that's your prerogative, but the consequence is that you will likely have to do the login captcha again.

That's the problem!

 

Your forcing people to leave their cache exploitable...

For users that don't want to auto login, don't want their preferences stored every visit., that do have all history reset on browser close and system shutdown...

Now they have to leave themselves open to junkie advertising net scripts just to visit or host their files here if they don't want the bs login captcha every visit..

 

So that's your prerogative to screw those users over with the login battle...

But obviously site usage will go down, but hey who cares, your right jack...

 

FU2...

Edited July 10, 2018 by sLoPpYdOtBiGhOlE

[NordFred]

The challenge is a nuisance, but why are you using anything from google. Biggest privacy invasion force on the planet! Couldn't nexus use one of the other captcha type services, that don't require clicking 8000 f'ing images to get signed on????

[Deleted55545892User]

I have no difficulties with captcha either.. but I agree, Google are parasites.

 

Then again, so is just about every tech company these days. They're all turning into ad companies. Not tech. :\

[AugustiusV]

I thought I might mention this to those who want to force alternate captcha login, and block Google coockies, and thus bypass Google and it's obsession with data mining:

 

If you go to Internet Options>Security>Restricted Sites, and then click the "sites" bar, and then erase whatever is in the bar by default, and type "Google.com", you can block most Google cookies. Most regular Google services such as search and YouTube will still work however, but Google is limited in what it can store about your browsing.

 

I failed the backup text captcha about 6 times before logging in successfully, but I'll take such an inconvenience over Google data mining any day. The rabbit hole really goes deep with them. If you allow Google to do it, they'll have 10 years worth of information on your browsing and online activities, as well as information related to what you do in it's apps.

 

Don't blame Dark0ne for Google's bad habits. Too many other sites use Google captcha, and when you're stuck between potential data breaches and minor user inconveniences, you have to go with the latter. Nexus Mods could be sued if user accounts get compromised, and unlike major internet services, they probably couldn't recover from a lawsuit.

Edited July 11, 2018 by AugustiusV

[masternoxx]

I HATE IT 1000%

[Dark0ne]

Now they have to leave themselves open to junkie advertising net scripts just to visit or host their files here if they don't want the bs login captcha every visit..

 

 

The ad scripts don't come from our servers, so no, you don't. By making a whitelist exception for Nexus Mods in your cookies you're only allowing Nexus Mods to set cookies, not scripts from other domains/ad providers. Or, alternatively, turn first-party cookies on but turn third-party cookies off in your web browser. That way, any cookies that the Nexus Mods site sets itself, from the Nexus Mods domain, will work (e.g. the login cookie) and any third-party cookies set by advertising scripts that run on page load on Nexus Mods will not.

 

If you don't trust our first-party cookies, then you simply shouldn't be using Nexus Mods at all.

 

Couldn't nexus use one of the other captcha type services, that don't require clicking 8000 f'ing images to get signed on????

 

 

We do. If you block Google, a different Captcha will show. We use Google reCaptcha because the vast majority of internet users don't really care about their anonymised data being used by companies and thus, this new captcha system won't be affecting any of them.

[Deleted55545892User]

 

Now they have to leave themselves open to junkie advertising net scripts just to visit or host their files here if they don't want the bs login captcha every visit..

 

 

 

The ad scripts don't come from our servers, so no, you don't. By making a whitelist exception for Nexus Mods in your cookies you're only allowing Nexus Mods to set cookies, not scripts from other domains/ad providers.

 

Couldn't nexus use one of the other captcha type services, that don't require clicking 8000 f'ing images to get signed on????

 

 

We do. If you block Google, a different Captcha will show. We use Google reCaptcha because the vast majority of internet users don't really care about their anonymised data being used by companies and thus, this new captcha system won't be affecting any of them.

 

 

They would, if they realized. Look at the mess Facebook got in... when it's finally explained right to people (and they're motivated by politics.. ahem). This stuff is common knowledge to anyone already savvy, but it was treated like actual "news". It just shows how clueless people are.

[Dark0ne]

Facebook got in a mess because Cambridge Analytica were collecting details of users who had not given permission for their data to be processed. Users who didn't read the small print and accepted the terms of the "fun quiz" CA did were fair game as they specifically agreed to that. It was not fair game for CA to take the data of the friends of those people who played the "fun quiz" without their permission. And that's why Facebook and CA got in a lot of trouble. It wasn't to do with advertising, it was to do with the permissions users were giving to third-party apps on Facebook.

 

As someone who has worked with advertising on sites for over 18 years now, and knows how it actually works, I do not turn off ad tracking cookies. I like seeing ads tailored to my actual interests and understand the anonymised nature of the data they have on me. So I'm definitely not in the "They would, if they realised" category.

 

The fact remains that the vast majority of users do not block cookies, when they have a choice to do so, and ergo Google reCaptcha is the correct option. If people don't want anything to do with Google, they can block Google, and an alternative is provided for them.