Just happened again for me, had to fill out 2 captchas in a row when clicking a link on my forum and opening up in a separate tab, around 14:41. Shouldn't it track cookies/IP address and not do that? Especially as I was also logged in as Admin at the time. It is in a general browser not a private one.
Sure, would be good if mainly people didn't see. But when people do see, I still think it looks very dodgy like the user has clicked onto a 3rd party website which will result in a high % of abandonment of the website/page IMO. Making it within a theme wrapper as another user suggested would be good idea if feasible IMO.