Login Security Enhancement

We have added Google reCAPTCHA v2 on the Netcore CE login page to strengthen login security and improve the user experience. Here are some key points you should know about it:

• Captcha after failed attempts: A CAPTCHA is now triggered automatically after three consecutive failed login attempts. This measure helps prevent brute-force attacks.

• Improved user feedback: When CAPTCHA is required, the Login button is disabled (grayed out) until the user completes verification.

• Session handling: Once shown, the CAPTCHA remains active for 30 minutes within the same session. After this period of inactivity, users must refresh the login page to begin a new login attempt.

Why This Matters

Previously, users experienced confusion when repeated login attempts failed without explanation. Additionally, the platform lacked effective safeguards against automated attacks. This update provides users with clearer feedback and significantly enhances protection against malicious login attempts.

FAQs

1. Why am I seeing a CAPTCHA on the login page?
You will see a CAPTCHA if you enter an incorrect password three times in a row. This security feature helps protect your account from automated login attempts.

2. Do I need to solve the CAPTCHA every time I log in?
No. CAPTCHA appears only after three failed login attempts. If you enter your password correctly, you will log in without any interruption.

3. How long does the CAPTCHA stay active?
Once triggered, the CAPTCHA stays active for 30 minutes during your current session. After that, you must refresh the login page to attempt login again.

4. What happens if I don't complete the CAPTCHA?
The Login button remains disabled until you complete the CAPTCHA.

5. Is this update affecting all users?
Yes. This update is live for all CE users to enhance both login clarity and account security.