Regarding reCAPTCHA security
I am very disappointed in the addition of the reCAPTCHA security after I have logged into my account. You have years of history on my activities on FamilySearch.org to determine my bonafides,
I have brought my laptop on vacation and am using real security on my end - I use a VPN for internet activity. Your suggestion to TURN OFF MY VPN is farcical as it defeats both our goals in putting dual authentication (u + pwd) and historical data aside in favor of whatever algorithm you are using to trigger reCAPTCHA security.
I find it really annoying to have to authenticate as many as 12 image screens before being accepted. It is also annoying to have it repeatedly required over and over and hour after hour.
While I am uncertain how many attacks you log in an average day you certainly know how many times one user signed in on a continuous session should have to prove they are human. You want to utilize reCAPTCH technology - then put it in as part of your log-in practices so innocent users like me do not have to jump though so many hoops on a non-commercial website! ONCE A SESSION IS ENOUGH, PLEASE!
Thanks for listening,
Craig