*laugh*
The list of gog related ™ is really getting too long and not in a good way.

Guessing that was the trial run and now with the sale they're using it for good... Really silly, and definitely not something I've seen anywhere else.

But that leaves the bigger question: Where does that leave MaGOG?

You probably already knew, but mrkgnao found a workaround which, after some initial trouble, has been working for the last 5 days:
https://www.gog.com/forum/general/magog_a_search_engine_for_gog_games/post1505

I haven't uncrossed my fingers since then... :S

I know, I know, but thinking that if he found a workaround, so can others with bots, hence the measure would be rather pointless in terms of what it claims to do and serve only to inconvenience well-meaning users (doesn't that remind you of something?). On the other hand, if they'd make it actually block all bots, as in work on that workaround as well, problem.

i know at least 2 others sites which use reCaptcha as login , atlhough one of them don't use 2FA factor. A third one use only 2FA factor. So if GOG think an extra security layer is necessary at each login ..... next wll be your mobile phone number & an app . >_> ; since they follow a certain platform with a big S.

Yeah sure, trusting Google for this, is like trusting their cars -_- , the Top Men are not in Top Form ;)

Anyway ReCaptcha isn't user-friendly, i don't know what they smoked o_O

Sadly true...

The optimal solution would be for GOG to whitelist MaGog's IP somehow so she can access GOG data without trouble.

Wait, no, scratch that! The optimal solution would of course be GOG having an automatic (and working!) update notifications system, coupled with open access changelogs. Then there would be no need for a "What did just update" post...



Is Bitbucket one of those sites? I just created an account there and I've had to pass that damn reCaptcha again! :D

They never whitelisted the IP so far, all the times it was blocked required a manual removal of the block, didn't it?

And the optimal solution would be for GOG search to become MaGOG, basically. Plus that part about notifications, of course.

Nope :

2 of them are bundle sites :
- Bundlestars reCaptcha at login + your credentials
- Indigala : not certain of the reCaptcha (quite some time i didn't use this one , most bundles are pieces of crap) , but there's a 2FA authentication for sure after your enter your credentials.
- Humble Bundle storefront : you enter your credentials & when you attempt to access to your library / purchases history ect , the 2FA authentication enters in action. -> no reCaptcha i'm sure at 100%.

So i'm not really surprise GOG increased the security with reCaptcha , but this thing is NOT user friendly in any way , claming the contrary like the Top Men do, isn't true.

It could be worse... :P

I know of at least one site with a big S that not only doesn't use reCaptcha on every login, but they also redirect to unencrypted HTTP after login via HTTPS, a practice extremely frowned upon by security experts for 16+ years or so. I mean, if we're going to be comparing certain platforms with big Ss and all as the huge blueprint allegedly being followed. :)

The best advice seems to be "don't log out". Gotcha, GOG!

Well, my point is mostly : the more a site has increased security features , the more it's a challenge for anyone who attempt to "break" it, and when it's "broken" , another security layer is added and so on ...to the point the regular user is annoyed. > see the debacle with Steam & their virtual items ... .It's the game the cat & the mouse.

Sure they are users who don't really care / or don't pay attention to the basic security advices, which initially could be the reason of the increase of the security measures... ie : too common passwords, clicking everything on a webpage :P (especially certain malicious websites) , phishing , and i could continue.

In other hand as you pointed out some sites have poor security functionalities and shouldn't be used.

Is that meant as a mobile app? What if I have a mobile phone that can't run such apps?

And now you understand the complains of tons of Steam users who can't have the same functionalities as those with a smartphone.
:-)

Although, to be fair, is optional when it comes to logging in.