homepage Welcome to WebmasterWorld Guest from 54.234.147.84
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Home / Forums Index / Local / Foo
Forum Library, Charter, Moderators: incrediBILL & lawman

Foo Forum

    
CAPTCHAs are getting ridiculous
ChanandlerBong




msg:4354280
 6:01 pm on Aug 22, 2011 (gmt 0)

I've just had to refresh one about 7 times before I could even guess at what was written there.

Rather akin to airport security "procedures", we're now in a position with CAPTCHAs that the innocent 98% are being made to suffer while the "bad" 2% will just find other ways of doing what they want to do anyway.

 

jecasc




msg:4354327
 8:50 pm on Aug 22, 2011 (gmt 0)

Yes, I noticed some time ago that I must have turned into a computer since I am no longer able to solve those "Completely Automated Public Turing tests to tell Computers and Humans Apart".

johnhh




msg:4354360
 10:50 pm on Aug 22, 2011 (gmt 0)

and there was I putting it down to old age and eyesight :)

Marshall




msg:4354407
 4:12 am on Aug 23, 2011 (gmt 0)

They are starting to look like they are being created by dyslexic drunks using a mirror.

justrobin




msg:4354480
 11:01 am on Aug 23, 2011 (gmt 0)

I agree... They are making it very difficult to humans now. Sometimes color combinations are blending that you can't identify if it is a number or a letter.

pageoneresults




msg:4354493
 11:54 am on Aug 23, 2011 (gmt 0)

I'll agree too, they've become self aware and like to be funny at times. Ever get the Omega symbol (Alt+234)? I'll always remember that one as it was the first non-character CAPTCHA I'd seen.

lucy24




msg:4354671
 9:13 pm on Aug 23, 2011 (gmt 0)

Has anyone met the kind where they dispense with letters and numbers and do something entirely different, like pictures of animals? They supposedly work just as well and are less annoying.

volatilegx




msg:4356874
 9:59 pm on Aug 30, 2011 (gmt 0)

lucy24, I agree. My payroll company uses those pictures. The only problem is that the name for common objects varies among cultures and languages.

g1smd




msg:4356878
 10:09 pm on Aug 30, 2011 (gmt 0)

I've seen more and more examples that are indecipherable, needing a (sometimes multiple) refresh(es) to get another.

These are often randomly generated from a dictionary and on several occasions I've been served various Anglo-Saxon expletives to solve.

brotherhood of LAN




msg:4356880
 10:12 pm on Aug 30, 2011 (gmt 0)

I'll have to agree too.

Reminds me of being 10 and trying to answer Leisure Suit Larry's age verification [allowe.com] to play it. Most of the time, lucky guesses.

lexipixel




msg:4357003
 7:13 am on Aug 31, 2011 (gmt 0)

I've seen more and more examples that are indecipherable


We may be down to slim pickin's on the official "reCAPTCHA" images as many of the easier to read ones have probably been solved.

reCAPTCHA uses two-words, and serves a different purpose than the simple "type this word" CAPTCHA's that were used and duplicated everywhere (and cracked) when the idea first came out.

"reCAPTCHA" is used to help improve OCR results for book scanning.

You don't actually have to get both words correct.

The "word" on the left is some indecypherable OCR scan that Google Books of other entity needs help decyphering, the word on the right is a known word (and is usually easier to read).

The idea is that if they show the same reCAPTCHA to enough people and a large percentage say the word on the left is "EXAMPLE" and those same people correctly retype the word on the right (which varies from test to test), then they can safely assume the word on the left is "EXAMPLE" (even though the script producing the two-word reCAPTCHA never knew what the word on the left was).

For this reason you could type anything for the word on the left, and only need to match the word on the right -- and still pass the CAPTCHA test.

Try it next time you get one of the unreadable (left) reCAPTCHA words.


Google reCAPTCHA info: [google.com...]

Hoople




msg:4357300
 7:02 pm on Aug 31, 2011 (gmt 0)

Agree totally with all above. My one non-profit client has many seasonal buyers that are senior citizens, quite a few with vision challenges. I also get tripped up on CAPTCHAs!

The form lucy24 mentions that uses pictures is from justhumans DOT com. It can be customized for language.

Another one that I like and will be implementing soon asks the user a question. 'What is 4 plus 1?' The question and language is also customizable. See 'GBCF-v3' 'Secure & Accessible Form Script'.

lucy24




msg:4357327
 8:03 pm on Aug 31, 2011 (gmt 0)

Oh, hey, I remember reCAPTCHA [recaptcha.net]. (It's the same link as above, by another name.) Had to go all the way back to 2007 to find its discussion. Can't post the link that I originally read, because you have to log in (I checked with a different browser) so I'll quote the key point.
Uninformed consensus is likely to be wrong. Consider e.g. long-s: 99% uninformed readers would read f. And this is the easy case. Outdated spelling is another easy case.

(He goes on to talk about analogous language-related problems, such as choosing between final o and e in Italian.) To say nothing of yogh and thorn...

Anyway, g### has an awful nerve promoting the idea, when they're widely known to have the worst scans-- and consequently the worst OCR-- in the business ;)

Come to think of it, I've been on places where they offer multiple-choice tests of the "2+2" form. Catch is, there's always an x% chance of randomly guessing right, so you have to do several of them to get the probability low enough to meet your security needs. .25^{some number}, .2^{some number}, like that. Even if you know what they're doing, it always feels as if you answered wrong and they're giving you another chance.

lexipixel




msg:4357384
 10:22 pm on Aug 31, 2011 (gmt 0)

'nuther variation...

Retype only letter that are
RED:
BOOKSOCK: [_______]
Marshall




msg:4357386
 10:35 pm on Aug 31, 2011 (gmt 0)

I use a cheap trick involving JavaScript and the .asp script that processes my forms. In short, I have a script randomly generate numbers/letters in a form field which you have to match in another. However, in the event JavaScript is disabled, a regular trick by spammers, there is a default value. Either way, if the two field values do not match, the .asp script will not process the form. I have been using this trick for years without any spam. The nice thing about it is that the fields are easy to read so a visitor does not have to guess again and again.

brotherhood of LAN




msg:4357411
 11:51 pm on Aug 31, 2011 (gmt 0)

Truth is, any form of captcha will be cracked by some clever people who have the need to. If every site had its own form of captcha technique, then their solutions would be less scalable.

It remains a problem if your site is targeted specifically.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Local / Foo
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved