Captcha check for registration needs improving.

I was so bold to set this to high. Would be great if we could find a replacement captcha quickly. After all, the infrastructure is there, isn't it?

Well, no captcha is going to prevent manual registration by spammer.

Do we have any evidence that these accounts were not created manually?

And no, there is no infrastructure in place here that would make easier the integration of a third-party visual captcha.

The "infrastructure" I referred was the fact, that we already use a captcha. So we have the process of "Display captcha", "Compare captcha" and "Repeat with new captcha if failed". Sure, I did not expect a drop-in replacement.

At least it is (was) pretty obvious that they were created by the same person as they all looked the same with varying URLs and Account names. Spam is only effective en masse, so I don't see anybody going through the manual trouble, especially when our captcha is so easy to circumvent.

But maybe that is just my impression.

Well, either they filled it by hand, or they wrote a script targetting us. Not sure it's worth investing time in either cases.

Launchpad now uses Ubuntu's SSO.