We use browser-use for password change automation (thepassword.app) and the detection landscape is evolving fast.
The key insight from this article: sites are shifting from "detect bots" to "detect automation intent." For user-initiated tasks like password changes, this is actually helpful - the automation is authorized, just executed by AI instead of human fingers.
The interesting challenge is that different sites have wildly different detection approaches. Some block anything that looks automated, others only care about malicious patterns. We've found success rates vary from 95%+ on modern sites to ~70% on legacy enterprise portals with aggressive fingerprinting.
Would love to see benchmarks on detection bypass rates across different site categories.
Protection approaches vary wildly across industries and sites, and what counts as "suspicious" looks completely different depending on the context and websites.
Our focus is on staying ahead by eliminating signals that antibots aren't even checking yet, that's where the real research challenge is.
Benchmarks comparing competitors across high-security sites are coming soon, thanks for reading!
The key insight from this article: sites are shifting from "detect bots" to "detect automation intent." For user-initiated tasks like password changes, this is actually helpful - the automation is authorized, just executed by AI instead of human fingers.
The interesting challenge is that different sites have wildly different detection approaches. Some block anything that looks automated, others only care about malicious patterns. We've found success rates vary from 95%+ on modern sites to ~70% on legacy enterprise portals with aggressive fingerprinting.
Would love to see benchmarks on detection bypass rates across different site categories.