Best Captcha spam prevention

Hi
Do you have any comments on the best spam prevention Captcha ?
Are they all equal, or are some better than others?
I personally find the words often hard to read and prefer a question , like 2+2=

Any help appreciated.
John

There have quite a few threads on this topic of late, such as here:

In that thread, it mentions the “honeypot” method (e.g a simple 2 + 2 type question) but also a timestamp method. I was inpired to try out the latter, and wrote some simple instructions for it here, in case that’s of use:

Another approach is to forget text with its universally recognised shapes completely and use images of objects, people or places that are related to the site and ask “Who or What is this?” to figure out if the sender is human. Remember some contact form spam bots are capable of reading simpler CAPTCHA’s by themselves, others submit them to a 3rd party service to be solved by humans. This human outsourcing incidentally takes about 20-30 seconds to return an answer on average.

For example an Electronics website could ask… What does this represent?

Now the puzzle becomes one of context & interpretation something that computers don’t do well at all.

How Bots bust Captcha
Depending on the type of human solving service and nature of the captcha protection the the bot will either forward the image URL if it contains a unique session sequence. In which case your server could (should) be scripted to notice that the same image has been sent to two different IP locations. OR the Bot will take a static screenshot of the image/text and pass that along to a waiting human or a character recognition script. In this case animated gif, png or flash images with a blank intro frames should cause some pleasant confusion for the spammer.

Remember to test any option with your eyes shut, to get some sense of what a blind user might have to do to pass muster. :slight_smile:

Also consider dudes like me, who might be trying to buy some electronic equipment for a friend, but who himself has no freaking idea about electronics, or what that image represents. :lol:

Here is how simple captcha eg 2+2 http://www.visibilityinherit.com/code/simple-php-captcha.php

Yes at the extreme end of useability spectrum the verification system has to ideally work for a visually impaired person who cannot use a keyboard or mouse. There’s a blog out there from a dev who recently spent a week blindfolded whilst online and its a fascinating read.

Audio questions created using text to speech scripting or simply pre-recorded would not be that difficult to implement on the above lines. Quiz shows have been asking them for decades after all so if IP geolocation reckons the user is somewhere in Australia it could ask…

What kind of animal was Skippy?
:smiley:

Someone with that knowledge should make that easy to do. As of now the only option I know of is using that big ugly red box with audio option

FYI someone should take my simple code and modify it to include audio. I would have no idea how to do that

[ot]

But … but … Skippy was a real person … wasn’t he? :shifty: [/ot]

Are you human has stopped quite a lot of spam on my websites.