Captcha identify
Chris Angelico
rosuav at gmail.com
Wed Aug 13 15:43:53 EDT 2014
On Thu, Aug 14, 2014 at 5:24 AM, Chris Kaynor <ckaynor at zindagigames.com> wrote:
> On Wed, Aug 13, 2014 at 4:39 AM, Eric S. Johansson <esj at harvee.org> wrote:
>>
>> eliminate captchas, 35+million disabled people would thank you as would
>> many more millions of the not-yet-disabled like your future self.
>
>
> And so would the spammers, which is who captchas are trying to block.
There are alternatives that are both easier for legit people and
harder for spambots. Some rely on the fact that humans read things two
dimensionally, and scripts look at the underlying structure; so, for
instance, random field names and cunning CSS to match them up with
their labels can result in a form that's completely messed up in the
source, but looks perfect to a user. Or you can put extra fields down
that you can't see if the form's laid out properly. Or you can combine
those sorts of tricks with a very simple challenge-response, like
"What is one plus one?" that requires some specific value to be in a
specific field - and if that value occurs in the wrong field, you
throw the form back to the user.
For some reason, everyone's jumped on the "show some mangled
text/numbers and ask the user to enter them" bandwagon, in the same
way that everyone has gone for passwords that require
lower/upper/digit/symbol and (in the most annoying cases) are actually
length-limited to something stupid like 12 characters. Yes, maximum,
not minimum. Grumble.
ChrisA
More information about the Python-list
mailing list