Comment by godzillabrennus
1 day ago
In the startup world it is a huge economic advantage if you can prototype an idea in days that would have taken months or years. The tradeoffs are acquiring technical debt but we seem capable of resolving that after the concept has found product market fit.
Yes, but its not just startups and people do not seem to actually resolve it.
Lots of big businesses use recaptcha. Quite often unnecessarily. If I need to login with 2FA touse a service does it really need recaptcha?
Similarly, cloudflare sends you emails telling you how many bots and attacks it has stopped - but you do not know how many false positives there were.
Yes you still need recaptcha simply to avoid password stuffing attacks.
Certainly not in the mentioned 2fa scenario.
I would guess that simple rate limiting would do the trick for the rest
1 reply →
Citation, as they say, is needed.
As far as I can tell, most startups resolve their technical debt by failing, and the majority of the rest resolve their debt by being acquired by a company which replaces the original service entirely in 1-3 years because it's too hard to integrate as-is.
Yes, and I certainly was not saying startups should roll their own fraud prevention