Can CAPTCHA be Saved?
There are many different ways to secure areas of your site that are open to users, and one of the most popular methods for years have been CAPTCHA’s. They are images that have distorted text which you then write in an input field to verify you are a human and not a machine.
One of the worst things about CAPTCHA’s is how inaccessible they are to those with visual impairments. Heck, I am only twenty-five, and while I do wear glass, even I find myself unable to read some of the letters and numbers on the more complex CAPTCHA images.
Over on SearchEngineWatch there is a great post talking about how CAPTCHA systems are under attack and losing the war.
There are really only two results to this battle. Either the spammers will win or accessibility will lose. There really doesn’t seem to be a happy ending to the whole CAPCHA scenario.
According to this post on TMCnet spoke with Russian researchers who claim to have algorithms that can correctly read CAPTCHA screens 30 to 35% of the time. While these tools are currently only in the hand of some high end folks, over time, it is reasonable to expect that they will get more widely disseminated.
When this happens, the flood gates will really let loose, because a 30 to 35% success rate is a gold mine to a spammer. They don’t care about the failures, as they happily will take the successes. Spam bots will have open season on all email systems, blogs, and social media sites that are protected by CAPTCHA
When this happens, the flood gates will really let loose, because a 30 to 35% success rate is a gold mine to a spammer. They don’t care about the failures, as they happily will take the successes. Spam bots will have open season on all email systems, blogs, and social media sites that are protected by CAPTCHA.
When creating applications, we have to continually come up with new and better ways to deal with the spam issue, and it looks like it is time for a new innovation with CAPTCHA quickly becoming more and more inefficient and less accessible to those with any kind eyesight issues.
What could replace CAPTCHA that spammers would have a hard time defeating but at the same time not be too difficult for humans to decipher? Is there a solution to this problem, or will all of our applications be overrun with spam in the near future?
I think it is an interesting problem that not enough developers are taking the time to think about. How many of you rely on a CAPTCHA service or something similar?
Want an avatar? Get a gravatar! • You can link to this comment
Something like Saptcha http://dmytry.pandromeda.com/texts/captcha_and_saptcha.html would be a decent alternative. This way, like Captcha the user simply answers an easy question, but with Saptcha it is text based but still very easy. A question like “Does a cat or a dog bark?” would be easy enough for users to answer, and is all text. If spambots can take the text from a question and paste it in the box until they get it right then ask a common question that the answer to doesn’t appear on the page. Possibly something like, ”
What day of the week follows Thursday?” When it gets to the point where spambots can figure these out I’m sure they’ll also be able to figure out the text in a captcha anyway.
Want an avatar? Get a gravatar! • You can link to this comment
As i read in an early post about it, I’m not sure that the captcha is a good defence against bots.