Comment by NoGravitas
3 days ago
The point is that it will always be cheaper for bot farms to pass the challenge than for regular users.
3 days ago
The point is that it will always be cheaper for bot farms to pass the challenge than for regular users.
Why does that matter? The challenge needs to stay expensive enough to slow down bots, but legitimate users won't be solving anywhere near the same amount of challenges and the alternative is the site getting crawled to death, so they can wait once in a while.
It might be a lot closer if they were using argon2 instead of sha. Sha is a kind of bad choice for this sort of thinh.