Google's captcha system is overkill for most websites. If I want to filter out bad actors (on a simple straight-forward site), there are other more simpler and easier to solve captcha systems out there. They might not have the rigour of Google's system, but they do the job, and well.
I would however use Google's system if the site is massive and there is the possibility that someone is using a script or some program to algorithmically bypass the (simple) captcha, and register accounts en-masse and trying to create a psyop[0], or disinformation campaign, or even a sockpuppet army.
There are diminishing returns once a CAPTCHA gets past a certain point. Bad actors can (and do) just humans to fill out captchas all day. We get some spam submissions on our sites that I'm 99.9% certain are people in developing countries copy/pasting spam templates and filling out captchas by hand.
I disagree. Adding Google's captcha is a 15 minute exercise. If i remember correctly, you copy/paste a snippet then add a callback in your own code. Whereas rolling your own captcha implementation would take much longer and be worse.
And it is this very convenience that has countless sites using it. As I said, there are other systems which are just as easy to implement as Google's and which are not overkill and also more privacy friendly (Google's CAPTCHA is known to fingerprint the user using heuristics like mouse movements, screen resolution, etc).
There are many easy to use libraries specific to different languages(like https://www.phpcaptcha.org/ for php) and frameworks. These are not as secure as recaptcha, but in most cases does the trick.
There are also services similar to recaptcha like solve media and hcaptcha. I believe hcaptcha is a drop-in replacement(https://hcaptcha.com/docs).
> trying to create a psyop[0], or disinformation campaign, or even a sockpuppet army
That's not a viable reason. Anyone doing so is going to have a budget and human reCAPTCHA solving is less than $0.01 per CAPTCHA. It costs very little for mass account creation, reCAPTCHA or not.
I would however use Google's system if the site is massive and there is the possibility that someone is using a script or some program to algorithmically bypass the (simple) captcha, and register accounts en-masse and trying to create a psyop[0], or disinformation campaign, or even a sockpuppet army.
[0] https://en.wikipedia.org/wiki/Psychological_Operations_(Unit...