Interesting, captcha used to be entirely in browser but I've seen a bunch of 'scan this qr with your phone' ones lately that left me vaguely uneasy. I think this post clarifies my uneasiness, it's not good to train people that they can complete captcha via external apps.