Known issues

  • MyCaptcha can not be used with the login (user block & /user)or poll voting form.
    This is due to the design of Drupal core.
  • MyCaptcha does not generate a new challenge when a form submission results in an error (other than in the CAPTCHA answer itself). While this is desireable behaviour for the large majority of forms, it does diminish its value on certain forms. Take the request new password form (user/password) for example; a bot can be 'primed' with the right captcha response, after which it can continue guessing for up to two hours (as the CAPTCHA expires in 7200 seconds).
    This will change in the future, allowing per form settings.
  • MyCaptcha interacts with page caching (admin/settings/performance). A captcha prevents caching of pages on which it appears. You need to make sure forms with a captcha do not appear on too many pages, or cache will be effectively off. The comment submission form is the cause for most concern. Make sure you set the "Location of comment submission form" to "Display on separate page" on Administer » Content management » Comments, tab Settings (admin/content/comment/settings) or your content will no longer be cached.
    This is by design.
  • When a user has more roles then just the "authenticated user" role, the captcha setting for "authenticated user" will not take effect for that user.
    This is by design.
  • When you are user 1 you will never see a captcha.
    This is by design.
  • When you remove a form from the Form store while a captcha is enabled for it, you can no longer disable the captcha for the form. Add the form back to the Form store, then disable the captcha.
    This is unfortunate.
  • If a certain (broken) form performs a drupal_goto() in its form submit function, MyCaptcha will not be able to clean up. This undermines the use of MyCaptcha for this form as the seed will be reuseable.
    File a bug against the affected module.

Other known issues may be found in the MyCaptcha forum.