There are problems which are difficult to solve even with immense computing power, which will confuse even powerful LLMs, but which humans can easily solve. That won't require JS, yet be a big obstacle to attackers. IMHO the biggest reason why such solutions aren't more widely deployed is because the incumbent wants to keep its effective browser monopoly.
can be easily exploited by script kiddies using large proxy networks
Such a scheme would need a large amount of LLMs or actual (intelligent) humans too.
Google clearly wanted to make account recovery accessible even without JS
Unfortunately, they made authentication require JS.
can be easily exploited by script kiddies using large proxy networks
Such a scheme would need a large amount of LLMs or actual (intelligent) humans too.
Google clearly wanted to make account recovery accessible even without JS
Unfortunately, they made authentication require JS.