Impossible Roblox Captcha

maddog363 · November 18, 2020, 5:38am

I don’t see why Roblox is implementing such impossible captchas into their website?

I got this one after I tried to get into my account.

If I were a typical 5-7 year old and got this captcha then I’d be raving! I’m still not able to get past it.

chessebuilderman · November 20, 2020, 7:49am

To be honest thought, ArkosLab is used on quite a few websites. Changing the captcha could break the websites cause there are endpoints on both servers. Imagine having to rewrite your entire endpoint for one update. And even through all that PayPal Minecraft, and Microsoft are just a few who use this. Roblox has to take a different approach due to how it is structured. Everyone can access the API with a simple string. And the rates of bots have shrunken significantly. And if Roblox removes it, then we are back at square one. So we are kinda forced to wait, and watch what happens next. All in all, the captcha is doing its job.

sloss2003 · November 20, 2020, 12:02pm

Roblox has already implemented ways to implement different captcha types…? They don’t have to restart on all their endpoints?

br_cks · November 20, 2020, 12:23pm

These captchas are extremely frustrating every time I see them. If I have privacy extensions enabled & am connected to a public VPN, I’m spending 1-2 minutes at least on a captcha.

I can understand this captcha level if you were trying to log into an account. However, just joining a group or trying to post on a group wall at times can lead you to be forced to solve a jigsaw puzzle. There’s been plenty of times that I simply decide to back out and not do the action versus solving the captcha.

DutchBloxxer · November 20, 2020, 1:16pm

Google uses different algorithms to rate the client on chance of being a bot.

I do use ReCAPTCHA on websites of my customers and they are perfect in blocking bots. And yes, even with VPN I don’t get more tasks compared to without VPN but ReCAPTCHA still blocks bots with their algorithm.

chessebuilderman · November 20, 2020, 7:14pm

But here is the thing. I tried using my VPN hosting on a Vultr VPS and I easily got through ReCaptcha. Fun Captcha blocked it because it is coming from a VPS. A VPS is not a red flag for Google, but it is for Arkose. This is a big issue Roblox has. It’s entire API is open unlike other sites that uses FunCaptcha. They are usually app-based or only the backend has access. And Roblox knows that closing them would be really bad for business.

chessebuilderman · November 20, 2020, 7:19pm

If a change is made on the front end, there usually is a change to be made on the backend. Captchas are mostly handled backend, where the randomized captchas are made and which one is right and how many what is the callback URL. This is all handled backend.

DMCPEPlays · November 21, 2020, 12:52pm

The captcha also is impossible for Opera for Android users. I have tried joining groups or posting on a group wall and I had to solve 5 puzzles. Then, I had to complete 4 more just so I could see I “did something wrong”. I am using Android 10.

Mirzadaswag · November 21, 2020, 2:21pm

Captcha freezes in Studio and never bothers to open up, making it almost impossible to login to Studio with a different account.

Reinitialized · November 21, 2020, 3:14pm

For some clarification:

Most of the issues faced here aren’t cause of Roblox, but cause of Arkose Labs, the company behind FunCaptcha. In order to utilize FunCaptcha, you must sign a SLA with Arkose Labs, meaning they are legally bound to ensure their service functions on a percentage of time agreed upon when the contract was formed. Because of this, Arkose Labs is legally bound to make sure their service works, even at the risk of impacting user experience, otherwise they would be breaching the contract and possibly face large fees for violating such.

So before constantly bugging Roblox, which who did take part of and agree to the contract and are responsible for such, just know it isn’t all Roblox’s fault this is happening.

buildthomas · November 21, 2020, 3:55pm

The SLA would probably relate to identifying and blocking malicious traffic rather than just blocking a percentage of all traffic. I can imagine ArkoseLabs self-impose some SLAs regarding false positives as well, it’s not like they would get away with just blocking a huge portion of legitimate traffic.

(I assume you meant this, but just emphasizing for other readers since it wasn’t clear from your post)

Reinitialized · November 22, 2020, 12:19am

I didn’t dig too deep into how their agreements tend to work since to my understand their SLAs are per customer, but on their “Why Arkose” page, they do state this

chessebuilderman · November 23, 2020, 7:37am

Think to show the company’s how it works. Like I said before, it is on a threat level. Things such as Tor, VPN, certain ISPs, and certain IPs set off red flags thus improving security on that user/customer. If I am wrong about that, it is to show, they have low false positives.

sloss2003 · November 25, 2020, 8:44pm

I want you personally tell that to a seven-year old that just wants to join a group – or I don’t know, play a game on Roblox?

I’m sorry little John, but unfortunately, it’s in your best interest that we don’t let you sign up – it’s just because we want to keep our games from getting botted. oh… wait… isn’t that uhm… i don’t know ironic? Sorry, I don’t know how you don’t see the issue with this.

sloss2003 · November 25, 2020, 8:47pm

It isn’t, but they out of everyone are being hurt by this, and more to that we’re being hurt by this. Roblox should be proactively working on this with ArkoseLabs, but it seem’s like they aren’t.

sloss2003 · November 25, 2020, 8:49pm

All Roblox has to do is check if a response from ArkoseLabs server came back as a yae, or nae. This isn’t impossible behavior to change, and I don’t imagine it’s difficult for a company like Roblox to do.

Darkzonian · November 28, 2020, 8:25am

Hello, this is still a problem.
In American Countries, the CAPTCHA is broken. In European Countries, it is just fine. Please address this. This is tiring! I use a VPN to test this and this is unfair for Americans.

buildthomas · November 28, 2020, 1:28pm

If you use a VPN your address is more likely to be considered as a high risk user and you’ll get more captchas, because bad actors often use cloud services and VPN services to run attacks through. Try not using your VPN if you can.

Darkzonian · November 29, 2020, 7:11am

I don’t. I live in Europe, where it is less worse.
I got 20 CAPTCHAs once using VPN.

metatablecatmaid · November 29, 2020, 9:01am

Short Answer: FunCaptcha is bad

Long Answer: All Captcha’s have a level of complexity attached to them, obviously, they cant be too easy otherwise some programmer could write an AI to crack them.

But they also cant be too hard, otherwise you affect usability.

FunCaptcha is too hard, because the problems it presents to the user can take upwards of 2 minutes to solve.

My experience

I tend to mess around with Studio, because Studio finds it difficult to handle multiple user sessions, I constantly have to switch between account A and B when I’m doing stuff that requires something in account B.

Evey time I change accounts, the infamous cube puzzle appears.

Averagely, it takes me a minute to solve it. As somebody who is fairly good with image recognition, this is not okay.

Impossible Roblox Captcha

My experience

If a fully grown adult is struggling to solve these things, I can only imagine was its like for younger users on the platform.