Quick question for you all...

I have a CAPTCHA that I have built, (which I think is fairly good utilizing a lot of random variables) but, fear I may have made it too hard for users.

As I thought more about the issue of preventing spambots from registering for my site, I realized that because of the nature of my site, I will be requiring users to validate their emails with a .edu email address.

Do you think this will be sufficient? Seems to me it ought to be good enough for me to get rid of the CAPTCHA requirement. WHat are your thoughts?

Get rid of the CAPTCHA unless you are getting spam you can't deal with any other way. Here's and idea for you. <form method="post" action="">
<p>Email: <input type="text" name="email" class="bogus"><input type="text" name="OtherName"></p>
</form>And in the stylesheet:.bogus{display:none}Now if the email field ever is filled in you can be almost certain it is a bot. Obviously it could also be someone with CSS disabled (do these people exist?) so you would need a minor contingency plan (ask a simple question like confirm name). This is miles better than a captcha all round in my opinion.

interesting idea.... and I will probably implement it.

What about the .edu address. Besides putting in a false address, seems like this should get around the bot issue registering too, since I will restrict validation emails to .edu accounts. Just looking for a nod form someone to agree with me that I should have no need to further worry. THanks.

Yea, I think bokeh's interesting concept should be efficent. That with checking of an .edu extension in the provided email address.

I have tried Bokehs method about 2 weeks ago, renaming all the feilds on my form from things like name, phone, email, address to silly names like, cat,goat,pig,house and from that day the spam (which was alot) has dropped off completly.

I have tried Bokehs method about 2 weeks ago, renaming all the feilds on my form from things like name, phone, email, address to silly names like, cat,goat,pig,house and from that day the spam (which was alot) has dropped off completly.
I don't think that was the point of bokeh's concept, rather the bogus form field is hidden from humans but not from bots. If a value is entered in the bogus form field, it's very likely that the form data was not entered by a human as they would not have seen or be able to access that form field.

Thanks guys.

I am pretty sure Bokeh was actually referring to both those ideas. From my understanding bots look for certain types of fields (email, username, etc...) to determine what types of values to input.

Thanks guys.

I am pretty sure Bokeh was actually referring to both those ideas. From my understanding bots look for certain types of fields (email, username, etc...) to determine what types of values to input.That's right. Sheldon in fact did both but he is just trying to draw attention to the use of a peculiar field name. My guess is even something as crude as the following would be enough to fool most bots without any change to accessibility whatsoever. <form method="post" action="">
<p>Phone: <input type="text" name="email"></p>
<p>Email: <input type="text" name="phone"></p>
</form>