Jump to content
carbonize

Alternate Captcha?

Recommended Posts

I could post this on specialist scripting sites and get really complex answers but I'm a simple man and want simple answers. That and sometimes people on the outside have better ideas.

 

Anyway I am looking at improving the CAPTCHA method used by Lazarus Guestbook. I am trying to find something different from the usual 'Enter the characters from the image' stuff. I do have some ideas of my own but I can also see ways to defeat them so I am posting this request here to see what other people can dream up. Remember the idea must be simple for the end user to do and must not use client side stuff like Javascript.

 

Just to get the ball rolling here is one idea I had and dismissed:

 

I display a solid block of colour and have the guest select the matching colour from a choice of eight using either a select box or radio buttons.

Share this post


Link to post
Share on other sites

Don't have another idea for your captcha.

 

But you were right not to try using color since some folks are color blind and would not see the difference between red/green, and would not be able to use your captcha method.

 

[FYI: this site allows you to enter a webpage address and it will render the page the way color blind people see it h**p://www.vischeck.com/vischeck/ Very interesting.]

Edited by Samrc

Share this post


Link to post
Share on other sites

Yes at present I have come up with, and dismissed, around about ten different methods. The only simple way I can perceive is a simple text based instruction into what to type into the box/select. I have seen one script (can't remember which) that used simple sums as it's captcha but since it can be read by a bot it would be easier to break than an image captcha.

 

So we can safely say text based is the best way to go so next we need to devise some sort of logical problem or wording that would be easier for a human but difficult for a computer. We also must avoid things that require preprogrammed responses as then we end up with a limited number of answers.

 

1. Black is to white as night is to ?

Problem there is we would require a list of preset opposites.

 

Only reasonable idea I have had was to use either sums or a list of numbers but change the wording of the sentence. Again we would end up with a limited number of preset sentences though.

Share this post


Link to post
Share on other sites

How about pictures of different animals / objects - and a selection of what you can see ? As an extension to your colours .... if the board owner could choose the images / responses they would all be different (you just have to hide the name of the image file of course and not make them pic1 for options 1 ;)

 

 

How many legs can you see in this photo .... that sort of thing

Share this post


Link to post
Share on other sites

Thought about that but again it only works for people with good eyesight and a graphical browser. Before adding CAPTCHA to Lazarus it had a simple question/answer system to stop spam (apparently this method is called SAPTCHA). After doing some reading about various methods (audio mainly) I have come up with an idea.

 

My Idea

 

The admin can specify a list of words to be used as the 'answers' to the test and one will be selected at random per session. The admin can also specify a list of single line instructions that will also be selected at random. Each instruction line will have [ANSWER] put at the point to display the answer (possibly with [REWSNA] to display the answer reversed). This way you should end up with a list of instructions/answers unique to each site. Whilst programs can be written to read images I have yet to see one that can understand language properly.

 

Example instructions:

Enter [ANSWER] into the text box.

What is [REWSNA] written backwards ?

Please type [ANSWER] in the box to prove you are not a bot.

This is a test to which the answer is [ANSWER]. Enter it below.

 

This method should be accessible to all.

Share this post


Link to post
Share on other sites

OR have you considered:

 

enter only the five UPPERCASE LETTERS into the box: A59t81L6Bau7rDY

The answer would be: ALBDY

 

The code would change from page to page but would retain 5 letters each time.

The placement of CAPS could change so it would not be the same placement (1st, 7th, etc) each time.

Share this post


Link to post
Share on other sites

I thought about that along with rendomly generated answers but to find the requierd string would just require some regex since it doesn't fit most word structures. Your idea has the flaw that once the string is found they just parse the uppercase letters.

Share this post


Link to post
Share on other sites
Your idea has the flaw that once the string is found they just parse the uppercase letters.

True, if it stayed the same. But what if i you alternate between only UPPER, lowercase, odd numbers, even numbers, etc. Randomize it so each time the page loads you get a different version. The number letter combo would have 5 each: upper, lower, odd, even. The visitor would have to determine WHICH 5 to input based on the randomized instruction.

Edited by Samrc

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...