jeudi 22 juillet 2021

Should I verify google reCaptcha (V2 invisible) on backend when the user entered a wrong password

I have used reCaptcha in a project and it seems to ignore repeatedly inserted wrong passwords for too long.

Does it have to do with token verification on backend?

Right now my controller verifies captcha before verifying credentials.

does verifying indicates for reCaptcha that the user entered the right password?




Aucun commentaire:

Enregistrer un commentaire