We've been teasing this in our last few product newsletters:
We've just added a new spam protection option, our home-rolled honeypot.
Previously, you had to use Google's reCAPTCHA as a spam protection device. We used this automatically for all KnowledgeOwl subdomains, and we required you add it if you added a private domain.
Last year, we received information that reCAPTCHA might not be fully GDPR-compliant. So we set about building our own alternative: a honeypot.
You'll see this new option in Settings > Basic, in a new section called Spam Protection Settings:
Since we've previously used reCAPTCHA, all existing knowledge bases have that option selected, but you can opt to switch to honeypot if you want to free your live knowledge base from all things Google.
A few quick notes about the shift:
- Honeypot presents no challenges, checkboxes, or puzzles to your reader, so the average reader has a much smoother experience. (No more getting stuck debating if a picture is a bicycle or a motorcycle, for example!)
- Our honeypot requires no additional configuration--no keys, secrets, or additional setup on your side whatsoever.
- Honeypots can be a good protection against run-of-the-mill bots, but they are not foolproof protection against truly malicious, motivated actors. If you think your knowledge base might be a magnet for a dedicated attack, we still recommend sticking with reCAPTCHA.
- Our honeypot will evolve over time, so we're depending on you to let us know if spam does still get through to you--we'd like to know the details of what was submitted so we can try to target it better.
- For those of you using private domains: your reCAPTCHA V2 and V3 info is now all displayed in the Spam Protection Settings section, rather than in the Domain Settings section.
- For a full list of the pros and cons of each approach, see Spam protection.
Is there a reCAPTCHA alternative that you'd like to see us offer (like hCaptcha?). Please contact us and let us know what other spam protection options you'd like to see us integrate with. Now that we have the framework in place to add more, we could add other options, but we'll only add things we get requests for!