by Rachael » Fri Mar 01, 2019 12:28 am
That is actually a very recent change.
There are two mitigating factors that allowed this: First - whenever mass hijackings do start to occur, we mass deactivate old accounts, and the attacker knows this. It makes their determination hit a concrete wall very quickly. Second, the CAPTCHA is indeed incredibly hard - and that's not by accident. The original intent of increasing the difficulty of the CAPTCHAS was because human spammers got past it fairly easily. So effectively, newer members that manage to get past it tend to have knowledge either about Doom or GZDoom that is not well known. I hate to say it - but the general idea behind that change is that the answers can be crowd-sourced. If you're having particular trouble with a question, you could easily go to either ZDoom Discord or a Discord server that's fairly closely related and ask for help - chances are, someone somewhere knows the answer. The questions may be difficult but they're not impossible by any means, and a little determination can get you past them with little issue. And the moment these questions start to fail, they'll simply get replaced with a new set.
If those Q&A's are a recurring problem for you, I would suggest doing a bit of homework, just a little bit at a time over a long period of time, researching Doom and its history as much as you can. The more you know, the easier it will be to get past that thing, and even still when the questions get switched out (which will inevitably happen, eventually).
@ Kappes Buur: I am sorry to be so blunt but you've got to mitigate these issues a little bit on your end, too. I know it's very inconvenient to have a site that has such a tough password failure policy, but as others have suggested, password managers help with this - like KeePass. If you must know, what I personally do is I have an encrypted folder for which I have to type in a password every time I turn on my computer in order to unlock - and it has text documents for a good number of my logins for various sites. (No, this is not the NTFS encrypted folders feature that comes with professional versions of Windows - this program is a special file system driver that has the feature built in) Something non-standard but still secure is probably the best way to manage your passwords.
That is actually a very recent change.
There are two mitigating factors that allowed this: First - whenever mass hijackings do start to occur, we mass deactivate old accounts, and the attacker knows this. It makes their determination hit a concrete wall very quickly. Second, the CAPTCHA is indeed incredibly hard - and that's not by accident. The original intent of increasing the difficulty of the CAPTCHAS was because human spammers got past it fairly easily. So effectively, newer members that manage to get past it tend to have knowledge either about Doom or GZDoom that is not well known. I hate to say it - but the general idea behind that change is that the answers can be crowd-sourced. If you're having particular trouble with a question, you could easily go to either ZDoom Discord or a Discord server that's fairly closely related and ask for help - chances are, someone somewhere knows the answer. The questions may be difficult but they're not impossible by any means, and a little determination can get you past them with little issue. And the moment these questions start to fail, they'll simply get replaced with a new set.
If those Q&A's are a recurring problem for you, I would suggest doing a bit of homework, just a little bit at a time over a long period of time, researching Doom and its history as much as you can. The more you know, the easier it will be to get past that thing, and even still when the questions get switched out (which will inevitably happen, eventually).
@ Kappes Buur: I am sorry to be so blunt but you've got to mitigate these issues a little bit on your end, too. I know it's very inconvenient to have a site that has such a tough password failure policy, but as others have suggested, password managers help with this - like KeePass. If you must know, what I personally do is I have an encrypted folder for which I have to type in a password every time I turn on my computer in order to unlock - and it has text documents for a good number of my logins for various sites. (No, this is not the NTFS encrypted folders feature that comes with professional versions of Windows - this program is a special file system driver that has the feature built in) Something non-standard but still secure is probably the best way to manage your passwords.