• http://www.neighborcity.com jonathancardella

    Captcha is poison to site usability. It frustrates regular users and completely discriminates against disabled users. It’s surely not the best way to secure a webpage.

    Using MD5 authentication we can seamlessly block bot form submissions and provide this solution in beta at SiteBrains .

  • http://www.visionefx.net Rick Vidallon

    SCREW CAPTCHA… I LOVE SPAMMERS

    As a business owner I prefer not having any blocks or hurdles between me and a potential customer. When you have any security script installed in your web form then all it takes is one entry mistake for a number or character and the form submission will fail and ask them to try again. For someone who is in a hurry, prone to keyboard mistakes or has difficulty seeing their screen up close; this can be extremely frustrating.

    This is why I do not have any security scripts on my website contact or inquiry forms. Although I use Postini, I still have to deal with spam.

    If you want customers to contact you, it’s best to keep it simple and easy to do. I would rather see my daily in box filled with 1000 spam emails and two new website customer inquiries versus having no customer leads at all.

    My message to the spammers and marketers..
    ‘Bring it on… because I have the fastest delete keystroke in town’.

  • http://www.vouchsafe.com Chris

    I have been trying for some time to stimulate some real discussion on CAPTCHAs and usability. Basic CAPTCHAs are hard enough, while audio CAPTCHAs seem like a mean-spirited joke on the visually impaired.

    My company has created a new technology to replace CAPTCHAs called VouchSafe, and one of the key things we focused on (in addition to usability and security) was accessibility. We worked really hard on developing an audio solution that would be easy to hear and understand, and we’ve been continuing to improve it.

    The problem we discovered is that when it comes right down to it, very few site operators actually care about accessibility. The merest symbolic gesture toward accommodation seems to be enough, and very few people actually take the time to try the software from the perspective of a blind person. Most reCaptcha implementations don’t even enable keyboard shortcuts to activate the challenge – but how in blazes is a blind person supposed to find the button with their mouse?

    I would love to hear more from users and site operators about what they think is important with regard to usability and accessibility of a human interactive proof like CAPTCHA. I’ve created a discussion group on LinkedIn here: http://www.linkedin.com/groups/Build-Better-CAPTCHA-4204459?trk=myg_ugrp_ovr

    I would love to have your input.

  • http://www.aerialandhandlingservices.com catkins10

    I find Captcha really difficult to solve and sometimes it makes me not complete the form or transaction. But the simple equations, or trivia questions are fine. Do these pose a spam threat, or could these be used more often instead of Captcha words?

  • http://www.returnondigital.com/about-us/dave-ashworth.php dave_ashworth

    Personally I avoid at all costs – sometimes it turns into a quiz which is a step to far for most users – there are ways of beating spam though – I recently implemented a hidden field technique that places a field in the form that users won’t see but bots will – so if that field gets filled in, you know it’s spam and just ignore the form submission – so far this has been a great success, there is more on this technique in the blog post I wrote:

    http://www.returnondigital.com/blog/how-to-sto-form-spam-without-using-captcha

  • Kim Krause Berg

    Readers of this article may be interested in another one that came out around the same time:

    6 CAPTCHA Alternatives to Improve Conversion – http://www.getelastic.com/6-captcha-alternatives-to-improve-conversion/

    Thanks for you comments!

  • http://shinytoyrobots.com Robin Cannon

    Captcha is an absolute pain. Even had to think about whether I could be bothered writing this comment because of the need to fill in a captcha field to submit it!

    I’m surprised that there isn’t a greater use of “reverse captcha”, which can be a positive way of implementing many of the advantages of captcha without the problems that face an end user. The general principle is very simple; forms have a hidden field. A bot will fill in that field with what it thinks is relevant information. A human user won’t see the field at all. Verification checks if the field is empty or not, and if it’s not then it knows that it’s looking at a bot interaction.

  • http://www.gentlemedia.nl Ralph Echter

    I don’t understand the whole captcha thing. There is no need for having these annoying captcha’s on a form just like the one here. If you handle security through your PHP mailer script than spambots can post whatever they want, but these messages goes straight into the ‘honeypot’ instead of your inbox. Seriously… no need for captcha if you code it right.

  • http://www.jasonzipperer.com Jason Zipperer

    Requiring the user to “prove” they are human, is shifting our problem on to the user. Put in place a combination of server side fixes (honey-pot, page timer, etc.), and let users be.

  • http://www.gentlemedia.nl Ralph Echter

    @dave_ashworth – I’ve read your comment after I posted my message, but this technique is exactly what I mean. Use a hidden field which spambots only see and fill out, and if this field is filled out the submission goes nowhere.

  • Andy

    “Spammers pay about $0.80 to $1.20 for each 1,000 solved CAPTCHAs to companies employing human solvers in Bangladesh, China, India, and many other developing nations.”

    How would the paymaster know how many Captchas the third-world spammer has solved? The mind boggles

    There are lots of techniques now that mean that Captchas are not necessary on low-profile sites, but obviously the large the site the more of a juicy target it becomes for the determined spammer

    Also, on your site. I have to sign in with Twitter and then enter a Captcha as well. Surely overkill.