Can anyone tell me the proper way to Implement a CAPTCHA?
Speaking as the Admin for a vBulletin Forum with 3000 active members (same software as used in this Forum), I would discourage the use of any type of CAPTCHA. The reason being that they are so easy to defeat.
Our Forum used to use CAPTCHA for new registration, yet we were still plagued with spam registration. Since we have moved to Human Verification questions instead, spamming has dropped to almost zero. CAPTCHA is really out of date.
Questions can be as simple as "As you male or female?" "Are you older or younger than 30?", "what color is the background color of this page?"
There is only one or two acceptable answers and fairly easy to implement with PHP... but much harder for spam bots to defeat.
So my advice is to look into human reasoning questions instead.
Eye for Video
Thanks for the advice.
I am wanting to start my own web design business. I am fairly new as I have no websites currently uploaded.
All I have is what I learned at college University.
I wish to second what's posted above. At this Point CAPTCHA is a complete waste of time. You might as well just chant supplications to the gods, it'll keep out the same number of spam bots.
Interesting ... anyone have any good resources on this? Studies? Suggested questions or question formats?
Well, spam bots are stupid, they only know what they're programmed to deal with. Simple instructions for humans to follow completely bewilder them. The problem with CAPTCHA is that in order to fool robots optical character recognition engines, they started becoming more and more convoluted in appearance, to the point where it was more difficult for humans to decipher than bots.
Use questions that involve directions to a particular element on the page or something close to that. Don't use mathematical equations or questions whose answers can easily be looked up on the web. Bots don't know up, down, left, right, they're just reading code. They would need to interpret the CSS placement of each element to determine what's up, down, left, right of anything else.
Hmm. Alright. I've read that these sorts of things are OK for small-scale sites, but won't stand on larger sites, wherein a bot might be written to specifically target the site.
Originally Posted by JPnyc
Though, if you've got any references that show a system like this standing its ground on a large-scale site -- like one of the top 1000 or something, that'd be of interest. I'm not necessarily opposed to implementing a "small to medium scale site" solution on my own sites -- they're small. But, for the sake of interest, it would be nice to know what larger scale sites can do along the lines of nontraditional CAPTCHA.
I consider this site fairly large. CAPTCHA is worthless at this point so any other option is worth exploring. It's worthless on a small scale, it's worthless on a large scale.
If somebody wants to register a bot for your site manually, there's no way to stop them. But as far as an automated process gaining entrance all by itself, this works.
Anyone ever tried the hidden "leave this field blank" strategy? If so, how successful has it been?
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)