Welcome to WebmasterWorld Guest from 54.145.117.60

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

CAPTCHAs are getting ridiculous

     
6:01 pm on Aug 22, 2011 (gmt 0)

Preferred Member from GB 

5+ Year Member

joined:Sept 29, 2009
posts:473
votes: 33


I've just had to refresh one about 7 times before I could even guess at what was written there.

Rather akin to airport security "procedures", we're now in a position with CAPTCHAs that the innocent 98% are being made to suffer while the "bad" 2% will just find other ways of doing what they want to do anyway.
8:50 pm on Aug 22, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 8, 2003
posts:1141
votes: 0


Yes, I noticed some time ago that I must have turned into a computer since I am no longer able to solve those "Completely Automated Public Turing tests to tell Computers and Humans Apart".
10:50 pm on Aug 22, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:May 22, 2005
posts:657
votes: 20


and there was I putting it down to old age and eyesight :)
4:12 am on Aug 23, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 4, 2001
posts: 2234
votes: 41


They are starting to look like they are being created by dyslexic drunks using a mirror.
11:01 am on Aug 23, 2011 (gmt 0)

New User

5+ Year Member

joined:July 13, 2011
posts:36
votes: 0


I agree... They are making it very difficult to humans now. Sometimes color combinations are blending that you can't identify if it is a number or a letter.
11:54 am on Aug 23, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12172
votes: 61


I'll agree too, they've become self aware and like to be funny at times. Ever get the Omega symbol (Alt+234)? I'll always remember that one as it was the first non-character CAPTCHA I'd seen.
9:13 pm on Aug 23, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:14259
votes: 552


Has anyone met the kind where they dispense with letters and numbers and do something entirely different, like pictures of animals? They supposedly work just as well and are less annoying.
9:59 pm on Aug 30, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 22, 2001
posts:2450
votes: 0


lucy24, I agree. My payroll company uses those pictures. The only problem is that the name for common objects varies among cultures and languages.
10:09 pm on Aug 30, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:July 3, 2002
posts:18903
votes: 0


I've seen more and more examples that are indecipherable, needing a (sometimes multiple) refresh(es) to get another.

These are often randomly generated from a dictionary and on several occasions I've been served various Anglo-Saxon expletives to solve.
10:12 pm on Aug 30, 2011 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 30, 2002
posts:4884
votes: 16


I'll have to agree too.

Reminds me of being 10 and trying to answer Leisure Suit Larry's age verification [allowe.com] to play it. Most of the time, lucky guesses.
7:13 am on Aug 31, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 16, 2004
posts:1341
votes: 0


I've seen more and more examples that are indecipherable


We may be down to slim pickin's on the official "reCAPTCHA" images as many of the easier to read ones have probably been solved.

reCAPTCHA uses two-words, and serves a different purpose than the simple "type this word" CAPTCHA's that were used and duplicated everywhere (and cracked) when the idea first came out.

"reCAPTCHA" is used to help improve OCR results for book scanning.

You don't actually have to get both words correct.

The "word" on the left is some indecypherable OCR scan that Google Books of other entity needs help decyphering, the word on the right is a known word (and is usually easier to read).

The idea is that if they show the same reCAPTCHA to enough people and a large percentage say the word on the left is "EXAMPLE" and those same people correctly retype the word on the right (which varies from test to test), then they can safely assume the word on the left is "EXAMPLE" (even though the script producing the two-word reCAPTCHA never knew what the word on the left was).

For this reason you could type anything for the word on the left, and only need to match the word on the right -- and still pass the CAPTCHA test.

Try it next time you get one of the unreadable (left) reCAPTCHA words.


Google reCAPTCHA info: [google.com...]
7:02 pm on Aug 31, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 21, 2002
posts:753
votes: 10


Agree totally with all above. My one non-profit client has many seasonal buyers that are senior citizens, quite a few with vision challenges. I also get tripped up on CAPTCHAs!

The form lucy24 mentions that uses pictures is from justhumans DOT com. It can be customized for language.

Another one that I like and will be implementing soon asks the user a question. 'What is 4 plus 1?' The question and language is also customizable. See 'GBCF-v3' 'Secure & Accessible Form Script'.
8:03 pm on Aug 31, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:14259
votes: 552


Oh, hey, I remember reCAPTCHA [recaptcha.net]. (It's the same link as above, by another name.) Had to go all the way back to 2007 to find its discussion. Can't post the link that I originally read, because you have to log in (I checked with a different browser) so I'll quote the key point.
Uninformed consensus is likely to be wrong. Consider e.g. long-s: 99% uninformed readers would read f. And this is the easy case. Outdated spelling is another easy case.

(He goes on to talk about analogous language-related problems, such as choosing between final o and e in Italian.) To say nothing of yogh and thorn...

Anyway, g### has an awful nerve promoting the idea, when they're widely known to have the worst scans-- and consequently the worst OCR-- in the business ;)

Come to think of it, I've been on places where they offer multiple-choice tests of the "2+2" form. Catch is, there's always an x% chance of randomly guessing right, so you have to do several of them to get the probability low enough to meet your security needs. .25^{some number}, .2^{some number}, like that. Even if you know what they're doing, it always feels as if you answered wrong and they're giving you another chance.
10:22 pm on Aug 31, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 16, 2004
posts:1341
votes: 0


'nuther variation...

Retype only letter that are RED:
BOOKSOCK: [_______]
10:35 pm on Aug 31, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 4, 2001
posts: 2234
votes: 41


I use a cheap trick involving JavaScript and the .asp script that processes my forms. In short, I have a script randomly generate numbers/letters in a form field which you have to match in another. However, in the event JavaScript is disabled, a regular trick by spammers, there is a default value. Either way, if the two field values do not match, the .asp script will not process the form. I have been using this trick for years without any spam. The nice thing about it is that the fields are easy to read so a visitor does not have to guess again and again.
11:51 pm on Aug 31, 2011 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member brotherhood_of_lan is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 30, 2002
posts:4884
votes: 16


Truth is, any form of captcha will be cracked by some clever people who have the need to. If every site had its own form of captcha technique, then their solutions would be less scalable.

It remains a problem if your site is targeted specifically.