CAPTCHA
Content
Overview
ULM Cloud includes support for CAPTCHA (acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart").
CAPTCHA is an automated, dynamically-generated challenge that determines whether or not the user on a webpage is human. CAPTCHA prevents brute-force attacks (typically to discover passwords for profiles via automated repeated guesses) by presenting a challenge only a human can solve.
If the end user triggers a CAPTCHA prompt during authentication, they must first pass the challenge in order to proceed. These challenges are simple and easy for humans to pass, but difficult for malicious automated "bots" to bypass.
CAPTCHA Types
There are multiple types and versions of CAPTCHA, the criteria for when and how to challenge a user is dependent on the CAPTCHA type. For example, some versions prompt the user to click a checkbox, and prove they aren't a malicious bot, after a failed number of login-requests.
In other cases, the system instead requires the user to match images to further validate their identity.
Supported CAPTCHA
By default, ULM Cloud supports Invisible reCAPTCHA, version 2. This version includes an "invisible" check that monitors multiple factors in the user's behaviour before making any kind of prompt.
Support for more CAPTCHA and challenge types (e.g. 2FA, honeypot) are roadmapped for future release.
Configuring CAPTCHA
reCAPTCHA settings are configured in the MarketONE ULM Admin web application, under Settings > Security.
Revision History
| Version | Description |
|---|---|
| 2020.11 | Added this topic. |