When you try to login with bad credentials, Gmail gives you a captcha to fill in before your next login attempt. Not only does this captcha appear randomly (keep putting in the wrong username and it will sometimes appear, sometimes not) (update: now it appears to be more consistent), but it’s also optional*. Just put in your correct username and password, ignoring the captcha, and it will log you in.
I probably discovered this out of frustration, but for the past few months (or years) I thought it was something we all knew until I saw one of my friend’s enter the captcha value. I never actually stopped to think about why a captcha would be “optional” – it’s ridiculous, and I’m probably overlooking an obvious point to this.
* I’m not sure why, but some people are saying that they cannot login without entering the captcha. I’ve tried on Swiftweasel and Firefox 3.x/Opera 9.x and 10/Konqueror/Chrome on Linux, and on Safari on the Mac, and have never needed to enter the captcha.
Also worth mentioning, a lot of forms you get when you try to download something are optional. For example, if you try to download Mimer SQL, it gives you this form: http://developer.mimer.com/downloads/downloads_licens.tml?id=528 but you can just scroll down and hit the download button without putting any info in.