Last modified: 2014-09-03 23:55:21 UTC
When a user tries to create an account, if the captcha is successful but the username is already taken or the passwords doesn't match, the user has to take the test again. This is bad, especially since captchas are far from user friendly.
So, why not keep in mind that the user passed the captcha ?
Seems doable, using similar counter and expiration logic to ConfirmEdit/Captcha.php's triggerUserLogin(). There are probably security implications I overlook.
Were we to do client-side validation in Create account (see ACUX-3 in https://meta.wikimedia.org/wiki/Research:Account_creation_UX ), then users would be informed of_some_ form problems before filling out the CAPTCHA, lessening the need for this enhancements.
Indeed, client-side validation of the username availability and password seems like a much better way to do it.
*** Bug 47685 has been marked as a duplicate of this bug. ***
In addition to the captcha, the user also has to re-enter the password twice. The only bit of previously-entered information that currently survives is the mail address.
The username also survives.
(In reply to comment #5)
> The username also survives.
Yeah, although you'll normally change it when you are looking for an unused username.
There is nothing to validate for the email, since more than one account can have the same email.