Security and Authentication

Recommend removing reCAPTCHA for login scheme

Recommend removing reCAPTCHA and retain two factor authentication for new login scheme or EFS and PAIR.

 

The new PTO login scheme requires dual factor authentication and a reCAPTCHA. The dual factor authentication provides unauthorized login protection, while the reCAPTCHA is intended to prevent automation. The current PTO login scheme that is being depreciated supports automation and the PTO has stated they plan to implement an API designed to facilitate automation by 2020. Requiring reCAPTCHA that inhibits filing automation tools during the brief period after the current login scheme is depreciated (December 2018) and the planned API is implemented (2020).

 

Requiring dual factor authentication in the new login scheme is beneficial as it provides security and prevents UNAUTHORIZED automation such as spamming bots while not inhibiting automation currently in use to facilitate document submission via EFS and document monitoring via PAIR.

 

We request the community consider removing reCAPTCHA from the login process as the new two factor authentication provides sufficient protection.

Tags

Attachments

- [ Show all ]

Voting

7 votes
7 up votes
0 down votes
Active
Idea No. 261