Ah! Didn’t mean to imply that it had anything to do with that other f-word (it’s okay, you can say “fuck”: we’re all adults here!): that wasn’t the alternate meaning I was looking at. The one I was looking at was the first one after the link – “fudging” something being like taking a shortcut rather than doing something the established ‘right’ way. I’m pretty sure I’ve had a “fudge” directory in at least one non-Squiz-related project I’ve worked on, too! Usually for that late-spec-change piece of functionality that can be properly integrated in the next major relase but for now just needs jamming in to the infrastructure so that it works, for now. That was my assumption when I saw the “fudge” directory: that some piece of functionality, probably in the long-distant past, had been thusly “fudged” and the directory name had stuck.

The CMS itself doesn’t rely on CAPTCHAs as more than an “are you sure?”, you’re right (and man, typing that 25-character one to restart the crontab manager is a drag: I mean – do I have to be that sure?). But it does encourage their use on e.g. Custom Form Assets, such that backend users are likely to try to use them to protect their forms from robots, so I’m glad that this Easter Egg doesn’t kick in on shorter key lengths!