[Wsuug] CAPTCHAs
Joshua McDonald
josh at thisisgrow.com
Tue Nov 18 16:04:18 EST 2008
Captchas aren't terrible.
What makes them terrible is when developers err towards spammers.
I look at my captchas as spam reducers, not spam eliminators. I
found a while ago a great way to do a transparent captcha that the
user never sees.
Basically, create a text field named "email" (or something common,
email, password, name, etc) that doesn't conflict with any other form
element name in your form. using a common name is a must though, as
many spam bots wont fill out fields that arent common names. Put a
label next to the field saying "Leave this field blank". Then, hide
both of them. setting the style to display:none works, but some spam
bots ignore them as well, so its best to hide with javascript, or by
placing another element over top of them. Make sure if you do the
latter to remove the field from the tab order.
After that, check for that field being blank. If there is content (a
bot cant resist an "email" or "message" field) then you know it's spam.
As long as it's labeled correctly, you shouldn't have any problem with
usability as people should be smart enough to leave it blank if you
tell them to do so.
Now, this didn't kill all of the spam, but it did cut back on false
positives and failures due to the captcha. It also still caught the
majority of spam on the few forms I used it on... it got about a 80%
capture rate... which is good enough for me. I can deal with a little
spam...
The rule should be to err on the side of human...
Joshua McDonald
Grow Interactive
www.thisisgrow.com
757-248-5274
757-248-5275 (f)
On Nov 18, 2008, at 3:47 PM, Andrew Jaswa wrote:
> In my ongoing crusade against CAPTCHAs:
> http://www.docstoc.com/docs/1048763/Worst-Captchas-of-All-Time
>
> I didn't make this... but I think it shows why using CAPTCHAs is bad.
> really bad...
>
> --
> Andrew Jaswa
> andrewjaswa.com
> wsuug.org
> _______________________________________________
> Wsuug mailing list
> Wsuug at list.wsuug.org
> http://www.thelinuxlink.net/mailman/listinfo/wsuug
More information about the Wsuug
mailing list