I got "radicalized" about these filter measures at my last job, where we operated a popular public-facing website, and we apparently adopted some third-party solution to reject otherwise valid logins based on some heuristics, with an intentionally vague "try again later"-style error message. Throughout a few months, I noticed a steady trickle of coworkers talking on the internal chat about being unable to log into the site citing that exact error, with varying degrees of urgency (eg. for myself, I noticed I couldn't log in using a private browsing window, but didn't worry too much because my long-lived session cookies were still fine). I like to think all of them were eventually pointed in the direction of the team working on the integration so that these false positives could be worked around, but definitely not everybody initially realized what was happening to them.
If even people within the same company fell victim to these filters, what chance would the wider public have? On the other side of my tenuous work/life balance, multiple friends that were long-time users of our product were also getting locked out of the site, and of course they had no means of understanding that they were false positives of a fraud detection heuristic, much less of getting individualized support. I know those people and that they were genuine good-faith users, but naturally, while I could pass on word of their struggle, I couldn't offer any actual help since that would disclose details about those heuristics that we were apparently paying good money for and wouldn't want the public to know anything about. I also saw social media discussions where other affected users were helplessly telling each other to try different browsers or reinstall Windows.
Of course, I understand the need to combat abuse of services (and I applaud this employer for many other measures taken in that effort), but it definitely did a number on my loyalty to the company and excitement to be part of the industry to realize that my friends and I would be readily sacrificed if push came to shove.
If even people within the same company fell victim to these filters, what chance would the wider public have? On the other side of my tenuous work/life balance, multiple friends that were long-time users of our product were also getting locked out of the site, and of course they had no means of understanding that they were false positives of a fraud detection heuristic, much less of getting individualized support. I know those people and that they were genuine good-faith users, but naturally, while I could pass on word of their struggle, I couldn't offer any actual help since that would disclose details about those heuristics that we were apparently paying good money for and wouldn't want the public to know anything about. I also saw social media discussions where other affected users were helplessly telling each other to try different browsers or reinstall Windows.
Of course, I understand the need to combat abuse of services (and I applaud this employer for many other measures taken in that effort), but it definitely did a number on my loyalty to the company and excitement to be part of the industry to realize that my friends and I would be readily sacrificed if push came to shove.