Is it immoral to put a captcha on a login form?

Question

In a recent project I put a captcha test on a login form, in order to stop possible brute force attacks.

The immediate reaction of other coworkers was a request to remov

Answer 1

It's not immoral per se. It's bad usability.

Consider security implications: the users will consider logging in to be time consuming and will:

• be less likely to use your system at all
• never log out of your system and leave open sessions unattended.

Consider other forms of brute-force attack detection and prevention.