What's new

Captcha on AC86U Sign-in screen

  • Thread starter Deleted member 51572
  • Start date
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

Deleted member 51572

Guest
Well this is annoying... latest firmware update puts a captcha on the sign-in screen. I don't like this at all.

RT-AC86U captcha.png
2020-05-31 16_17_13-ASUS Login.png
 

thanks, when i typed 'captcha' in Search field above, only two articles came up, which had nothing to do with this. Now, after searching again for 'captcha', for the third time, more posts are coming up. Not sure why the search didn't work the first two times.

edit: search SNB Forums again for 'captcha' and only two results come up again. what am i doing wrong?

2020-05-31 17_22_06-Search Results for Query_ captcha _ SmallNetBuilder Forums.png
 
The Captcha will only appear after a number of invalid login attempts (I believe it's two). If you immediately get a Captcha, then check your network, something is trying to access the router's webui without you noticing.
 
  • Like
Reactions: Sky
The Captcha will only appear after a number of invalid login attempts (I believe it's two). If you immediately get a Captcha, then check your network, something is trying to access the router's webui without you noticing.

there were no invalid sign-in attempts, and the captcha appeared only after restoring default settings. it has not reapearred, even after logging out and back in again. although it was an unpleasant surprise to be confronted with a captcha. captchas are intended to guard against bots, so i don't really see the point in having it on my router's sign-in screen.
 
captchas are intended to guard against bots

And there are a large number of security exploits that work through brute forcing access to home routers, and infecting them with malware or hijacking their DNS resolutions.

If you got the captcha, then something on your LAN did try to access the router's port 80 and failed to login.

Code:
/* Limit of login failure. If the number of login failure excceds this limit, captcha will show. */
#define CAPTCHA_MAX_LOGIN_NUM   2
 
No login failures. Local access only enabled. Also receiving the CAPTCHA. Sent feedback to ASUS. Reverted to previous firmware. No CAPTCHA now.

3.0.0.4.385_20585

On my RT-AC66U B1, this seems curious. If I (after waiting a day) access the log on screen with router.asus.com (without logging in) no CAPCHA, no matter how many times I do it. I I then access the login screen via 192.168.1.1 (without logging in), then I get the CAPCHA immediately. After I do that, then router.asus.com also displays CAPCHA.
 
Last edited:
This sux i am not able to get into my AC68U at all i tried different browsers it keeps saying this crap i know the user and pass is correct because i used it to downgrade the firmware after a disaster by me i was stupid enough to flash the latest fw for my router and first was not able to get into router no captcha something about httpS and http but i managed then i saw wan port speed 100 mb?????
I have a fiber optic 1000mb/1000mb and will not settle for 100mb because the devs messed up something but i know some have no issues i just want to get into my router and flash back the org fw from asus because merlin really has taken a wrong turn somewhere to many features that turn out to be just eye candy for your mind
ohh sry we will fix that in the next release, or you could stop implementing stuff that will only work on a devs pc and not the common users
but sure it looks good as an ad look here merlin has this and that and the org asus does not crap it so easy, it says on the main site of merlin yea that should be your first warning sign, well i fell for it looks good with those boxes down below with all the stuff merlin "can't" do for you
Web capture_6-6-2021_12561_192.168.1.1.jpeg
 
This sux i am not able to get into my AC68U at all i tried different browsers it keeps saying this crap i know the user and pass is correct because i used it to downgrade the firmware after a disaster by me i was stupid enough to flash the latest fw for my router and first was not able to get into router no captcha something about httpS and http but i managed then i saw wan port speed 100 mb?????
I have a fiber optic 1000mb/1000mb and will not settle for 100mb because the devs messed up something but i know some have no issues i just want to get into my router and flash back the org fw from asus because merlin really has taken a wrong turn somewhere to many features that turn out to be just eye candy for your mind
ohh sry we will fix that in the next release, or you could stop implementing stuff that will only work on a devs pc and not the common users
but sure it looks good as an ad look here merlin has this and that and the org asus does not crap it so easy, it says on the main site of merlin yea that should be your first warning sign, well i fell for it looks good with those boxes down below with all the stuff merlin "can't" do for you
I have a feeling you are upset.
Try a hard reset of the router:
  1. While the router is on: press the reset button for more than 5 seconds.
  2. Give the router about 5 minutes to start up.
  3. Power down the router and start it up.
  4. Hard wire a PC to the router and login at 192.168.1.1 with admin/admin
  5. Manual configure the router (do not load an old config backup).
 
Or try the WPS reset button method for your router to reset it too.
 
Not sure I can understand half of what you are trying to say here but just so to be clear: the Captcha was implemented by Asus. I have nothing to do with that...
 
This sux i am not able to get into my AC68U at all i tried different browsers it keeps saying this crap i know the user and pass is correct because i used it to downgrade the firmware after a disaster by me i was stupid enough to flash the latest fw for my router and first was not able to get into router no captcha something about httpS and http but i managed then i saw wan port speed 100 mb?????
It sounds like you upgraded an older firmware (when the password nvram was unencrypted) to a newer firmware (with password now encrypted in nvram), then downgraded to the version that does not expect the password to be stored in encrypted format. So the only option is to reset to factory defaults.

All your diarrhea of the mouth about Asus, Merlin, devs etc. is very disturbing. You had a bad day with your router and you’re blaming everyone else, based on how you expressed yourself.
 
And there are a large number of security exploits that work through brute forcing access to home routers, and infecting them with malware or hijacking their DNS resolutions.

If you got the captcha, then something on your LAN did try to access the router's port 80 and failed to login.

Code:
/* Limit of login failure. If the number of login failure excceds this limit, captcha will show. */
#define CAPTCHA_MAX_LOGIN_NUM   2
What would one look for in the logs that would indicate a failed login attempt? Could this also indicate a WAN side attempt or is the “Captcha” only from the LAN side?
 
What would one look for in the logs that would indicate a failed login attempt? Could this also indicate a WAN side attempt or is the “Captcha” only from the LAN side?
I don't remember if failed logging attempts are logged or not. But if you enabled WAN access to your webui, disable that immediately. It's a major security risk, and over the years numerous router compromises occurred because of that. Use a VPN server if you need remote management access.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top