[wp-forums] Support forum registration now has a re-captcha on it
esmi at quirm dot net
esmi at quirm.net
Tue Jan 8 16:32:58 UTC 2013
on 07/01/2013 23:59 Daniel Fenn said the following:
> I don't want to upset you on this but I head that every CAPTCHA has been
> broken
For those who are interested, see <http://caca.zoy.org/wiki/PWNtcha>
That software is now pretty old but it does demonstrate the
pointlessness of captchas pretty well. As soon as one group creates anew
captcha, another designs a script to defeat it. It's been that way ever
since captchas were first used.
> and the only one that will do the job well is one of those Q&A type
> CAPTCHA.
Agreed. In my experience, the best Q&A challenge that places the answer
in the question (eg "what color is a red dress") as it isn't predicated
on existing knowledge or skill. But you do have to revolve the questions
regularly to keep them effective.
One other method to identify spam bots is based on their tendency to
complete every field on a form. You add a checkbox labelled something
like "Only check this if you are a spammer" or similar, then hide it
offscreen.
Mel
--
http://quirm.net
http://blackwidows.co.uk
More information about the wp-forums
mailing list