RE: CAPTCHAJan 25 2011 07:19AM Sacks, Cailan C (Cailan Sacks standardbank co za)
Re: CAPTCHAJan 24 2011 11:41PM Robin Wood (robin digininja org)
On 24 January 2011 15:11, Shang Tsung <shangtsung71 (at) gmail (dot) com [email concealed]> wrote:
> We are planning to use a CAPTCHA in order to stop spam engines from
> filling our Online Forms. From a quick research I made, I found there
> are good and there are bad types of CAPTCHA.
>
> Does anyone know if there are any standard and secure implementations
> of CAPTCHA that we can use?
>
> Any good articles on the subject?
I hate captchas, always have so I use a reverse captcha on sites that
I build. You add a field to the form with name and id of email. You
then give it a label that says "Please leave blank" and hide them both
with CSS. Most people won't see them because the CSS works, even if
they do see them they read the message and obey. Spam engines on the
other hand spot the email field and happily fill it in. You then
silently drop any contact forms with values in the email field.
Normal humans aren't affected and you trick most generic bots.
Robin
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
> We are planning to use a CAPTCHA in order to stop spam engines from
> filling our Online Forms. From a quick research I made, I found there
> are good and there are bad types of CAPTCHA.
>
> Does anyone know if there are any standard and secure implementations
> of CAPTCHA that we can use?
>
> Any good articles on the subject?
I hate captchas, always have so I use a reverse captcha on sites that
I build. You add a field to the form with name and id of email. You
then give it a label that says "Please leave blank" and hide them both
with CSS. Most people won't see them because the CSS works, even if
they do see them they read the message and obey. Spam engines on the
other hand spot the email field and happily fill it in. You then
silently drop any contact forms with values in the email field.
Normal humans aren't affected and you trick most generic bots.
Robin
This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------
[ reply ]