Kudos to Wyze for the first cut at this app. There are numerous shortcomings but that is not unexpected. However, I do not understand why the capcha is often required when I have correctly entered my login credentials.
It is to deter others from deploying brute force bot attack automations. It’s not necessarily that Wyze doubts you’re the owner when you enter the correct credentials the first time, it’s just an extra security precaution to make sure your credentials can only be entered by a human, ensuring it is you, and not someone else trying to abuse it.
There may be other ways to ensure this, like you implied, in theory I guess something could be programmed to only require captcha if a password is entered incorrectly the first time or some other qualification, but making it an every time requirement is probably just to help people feel their systems are as secure as possible from automated bot brute forcers.
You’re being nice carver, but if that were such a worry there would be something similar for app logins (without 2FA). Is there? I don’t think so.
It just sounds like poor (beta) design to me…
You make some valid points I had not considered. Wyze does implement captcha on everything related to it’s website though, not just the webview. And while captcha is a common standard for many websites it is fairly rare for apps. I don’t have enough experience to speculate much more on that, but I wonder if it has to do with the standard practices of whoever is in charge of the website aspects for Wyze since it is something they use throughout the rest of their domain.
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.