Captcha - To Use Or Not To Use
Hi, i am building a site at the moment and i am trying to decide whether to add Captcha to my site to protect the following:
- create account form
- contact form (as it is saved in the database)
- change email form
- change password form
01 - do you think this will p*ss users off - i don't think it will as they really will only ever need do enter the Captcha once...
02 - i am surprised to see that Facebook and Twitter do not use them, how do they stop robots from processing multiple forms
03 - what is your general view / feeling on using Captcha's
There are less intrusive techniques you can use to stop robots without annoying real users, and only implement a captcha system if you find the spambots are getting to be more of a problem than annoying users would be. A couple tricks that will not stop all robot requests but seem to prevent a lot of them:
1. Use sessions, generate a random token, save it in session and make it the value of a hidden form field. If the submitted form does not have that field or its value does not match what is in the session variable, reject the request.
2. Create an input field that looks legitimate but you don't actually use, e.g. zip code or age or country, then in your CSS style sheet, set its display value to "none." If that field is not empty in your form-handler, then reject the request. (This has a very small possibility of generating false negatives from the rare user who is using a very limited, non-graphic browser or is in any way overriding or disabling CSS styles, so may not be appropriate on mission-critical forms.)
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
Thanks NogDog, appreciate it
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)