The bastard! I'll dispatch hired gunmen to his location immediately! :P

How does clearing cookies after you are done browsing help you? Would you not at a minimum need to clear cookies in between each new site visit? I question if you are accomplishing what you think you are.

What are these other sites you speak of that have a digital library of your purchases? Because in my experience they often require validation of some kind via email or phone which is even more annoying.

The TLDR of it is: cookies are (often times) evil. In case you want to know more, the EFF is a good place to learn why they are not good for you and should be avoided if possible: https://www.eff.org/pl/deeplinks/2018/06/gdpr-and-browser-fingerprinting-how-it-changes-game-sneakiest-web-trackers

If you want to have a chance to avoid profiling you mustn't keep any kind of persistent state around in your browser if it can be avoided. A reasonable balance between functionality and privacy is to clear cookies on exit, although I know people who block them outright - but that has the potential to break a website, so I prefer not to.

And I "believe" I am a programmer with both web backend and frontend (though to a lesser degree) experience, that has worked with cookies quite intimately... :).

I frequent plenty of sites storing my card data without employing mandatory 2FA (not e-banking sites, mind you... that would indeed be bad). But among the sites that don't persistently believe I am a bot, I can mention: two cloud service providers, at least one online electronics/electric hardware shop, Humble Bundle, Itch.io and Amazon.de. I'm not too concerned about potential hijacks because I know my email is secure and I can block the card I'm using on those sites (and GOG as well for that matter) with the click of a button.

P.S.: Fun fact, I have 2FA enabled on GOG, but still get CAPTCHAs :).

But gog's mechanics are broken. The only piece that works almost for 100% is the storefront, and even that is known to fail occasionally.

-can't purchase anything
-purchased games don't appear as purchased
-free games suddenly appear (?)

Or by own experience. Removed friends that still turn up as friends when you log into the site. Like there is some hidden economic going on where all of your past events are regarded as current day exploits.

Ridiculous!!

Well that's nice and all but you didn't answer my question. Instead you posted an article about browser fingerprinting which is not really to do with cookies. But that's fine. I don't think you understand the subject mater enough to do so. If you feel safer doing what you are, then by all means do continue.

I've had the 10x, 20x captcha rigmarole on other sites - it's such a pain. You do feel like they are using you for AI training labour.

Not on GOG thankfully. So while I understand the OP's frustration (but not his actual situation) I don't think this one is solely on GOG.

If CAPTCHA became more prominent on GOG then sure, RIP GOG. Certainly GOG is too integrated into the google ecosystem atm for my liking.

But GOG is not the worst here.

That's actually a rumor that has been around for a while and it's quite possible that it's true.

It would be possible to distinguish a human from a bot just by analytzing mouse movement or typing patterns and so on, but they still go for those captcha thingies and keep implementing new variations.

However, I don't think that GOG will die because of captchas when logging in or redeeming codes.

@OP - Sounds like you are maybe experiencing an issue with Galaxy. Don't use it, just download the Offline Installers for the game, or as someone else suggested, run the game exe directly.

---------------------------------------------------------

As for captcha. I cannot remember the last time I had to deal with captcha at GOG, and I am here every day and regularly purchase games.

I must admit though, I rarely ever log out of GOG, and don't clear my cookies at GOG. I have 2FA enabled. I also shut down my PC every night, don't use Hibernate.

While I am somewhat security conscious, at the end of the day Life is about risk and Life is about living, and I have enough on my plate without deliberately making things more painful, so depending on what it is, I take a few chances, play the odds with reasonable risks. I also backup things as soon as possible and keep all the supporting data I need to contest anything that needs contesting. Decent passwords helps a lot too, and I am a fan of security by obscurity.

And unless I absolutely have to, I don't give out credit card details to stores, just use PayPal, which is linked to a Visa Debit Card and an account that never has much in it, except just when I need it.

It's not a Galaxy issue, his profile shows 0 games.

At the moment that's not an indicator of anything. Your profile also shows 0 games.

Technically it's Best Buy for Canada

https://en.wikipedia.org/wiki/Future_Shop

Let's see... Looks to me like YOU blew it.

Buy your GOG games at GOG and you won't experience such troubles.

Edit:
Btw: if you bought a legal retail version of TW3, it's still DRM-free and as such can be installed and played without any involvement of GOG.

Edit 2:
One more thing (nitpicking I know, but)...technically, at the time you bought your game, the "Future Store" brand was dead already ("on March 28, 2015, Best Buy Canada announced that Future Shop would cease business effective immediately") and therefore was a "Best Buy" already, when you bought TW3 on its release day (May 19, 2015).

Google answered me that question. It used to be a canadian store chain. A real store that you could walk in and buy physical copies of games, not just keys.

The article starts with cookies and dives deeper into fingerprinting... are you sure you actually read it? If you don't like the link I've shared I'm sure there are plenty of resources online about the "evils" of cookies. I don't feel responsible for your education, nor do I plan to make it one of my life's goals, my friend. And I did answer your question: it's to ensure websites are less able to track what I do online (at least not through persistent tracking cookies, most of which are third party anyway).

And now, to offer a short clarification (contradicting myself on what I just said above): if a website can sniff your cookies, it doesn't need to use any advanced browser fingerprinting techniques. It can already track your activity as it pleases.

Sure. If we'd actually have a conversation instead of resorting to ad hominems, perhaps we could both learn something.

To each his own, as I always say. I understand you don't care that much about privacy, and I'm not irked by it at all. We can both carry on doing whatever works for us, of course.

A lot of profiles show 0 games these days, it seems... it's just the latest thing that broke here :P.

It sounds to me like you never registered the game on your GOG account. That would explain why when installing Galaxy it recognises it but sees you don't have the game in your account. The good news is that doesn't matter at all, as the game is DRM-free.