Hello everyone,
personally I am no big fan of captchas. Even the sophisticated ones with audio help are unsolveable for quite a lot of people due to some sort of handicap, may it be a disability or just not enough experience with the medium. And for those who can solve them without problems, they are still a pain in the ass.
The "click-on-the-right-picture" idea is much more user friendly but still evil in terms of accessability, as already mentioned by Chris. I chose a similar approach by generating a picture with a ring on it, the users were recognized as humans by clicking close enough on the ring.
Trying my best to develop accessible websites it seemed to be a bad joke putting something like a captcha on the pages.
The "logic" approach with asking questions I didnt even try - as you can read, english isnt my native tongue and I also face users from different countries. The language barrier is very quick too high then/a too strong limitation of the audience of a site.
What has been working well for me is a combination of several simple ways to "rate" the user. F.e. I always include a timestamp to my forms and check it on submission - most bots submit under 10s after the request (this doesnt work for certain forms like logins, of course). Invisible Fields with the label "Leave this field empty" (language barrier, I know) which arent empty on submission increase the rating as well as the usual suspicions like too many urls containing "vi.ag.ra!" etc.
Is a user rated high, I check his data with some service like Defensio.com and finally display a captcha.
Until now this works perfectly for me and I didnt hear any complaints about accessability issues, yet.
Hope to hear your thoughts on this subject, greetings
alternative to captcha image?
Moderator: General Moderators
Re: alternative to captcha image?
One could always display a picture of the form.. er.. .. I don't know where I'm going with this..
- jayshields
- DevNet Resident
- Posts: 1912
- Joined: Mon Aug 22, 2005 12:11 pm
- Location: Leeds/Manchester, England
Re: alternative to captcha image?
Anyone who is concerned with the security of CAPTCHAs should just code their own. It doesn't matter what it is, and it can be painstakingly simple. If you're website isn't huge, then no one's going to be bothered coding a bot just to spam your one small website.
Re: alternative to captcha image?
I agree, but the question was more if there are any clever alternatives to captchas than how to make them safer, no?
At least for myself the first point is much more interesting
At least for myself the first point is much more interesting
Re: alternative to captcha image?
Yes, I was actually refering to this with my "invisible field".
The big challenge using this method is to make sure your users don't get caught by your "trap" (= you have to "mark it" somehow being a false-field, think of screenreader users for example) and that at the same time this marker isn't too obvious as well.
As already mentioned before, techniques are as long "safe" as the cost of adapting the bots to them is bigger than the benefit their authors get from breaking your safety.
I always recommend to combine some techniques. Its more likely to prevent you from making your users angry by mistakingly identifying them as bots and increases your security.
The big challenge using this method is to make sure your users don't get caught by your "trap" (= you have to "mark it" somehow being a false-field, think of screenreader users for example) and that at the same time this marker isn't too obvious as well.
As already mentioned before, techniques are as long "safe" as the cost of adapting the bots to them is bigger than the benefit their authors get from breaking your safety.
I always recommend to combine some techniques. Its more likely to prevent you from making your users angry by mistakingly identifying them as bots and increases your security.