What reForge Captcha is, why we built it, and how it works under the hood.
reForge Captcha is a free, privacy-first CAPTCHA and bot detection platform built by Quantix Foundation. We believe protecting your forms and APIs from bots shouldn't require selling your users' data to an ad network, locking yourself into a CDN, or paying per verification.
The existing CAPTCHA landscape has problems. Google reCAPTCHA harvests behavioural data from your visitors to train its own ML models and serve better ads. Cloudflare Turnstile is only truly frictionless if you're already on Cloudflare. hCaptcha requires you to pay at scale. Every option asks you to trust a third party with your users' data and your uptime.
We wanted a captcha we'd actually be comfortable embedding on our own projects — one that scores risk signals without profiling people, stores only what's necessary, and never charges for it. So we built reForge Captcha and decided to make it free for everyone.
Every widget submission is scored in real-time on a scale of 0.0 (definitely a bot) to 1.0 (definitely human). The score is computed from a combination of client-side and server-side signals:
Mouse movement count and timing, interaction latency, time spent on page before submission, and click naturalness patterns.
User agent analysis, headless browser detection (Puppeteer, Playwright, Selenium, PhantomJS), and automation framework signatures.
IP reputation checks, suspicious request patterns, and request timing analysis to catch automated scripts.
You decide the minimum score per site. Set 0.3 for lenient forms, 0.9 for high-security login endpoints. The engine adapts to your requirements.
We score signals — not people. Here's what that means in practice:
reForge Captcha is built with a simple, fast, dependency-light stack so it stays reliable and easy to maintain.
Sign up for free and have your first widget live in under 2 minutes.
Get Started Free