Captchas and Human Readability - Discussion

Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here.
Forum rules
Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here. Feature requests are closed.
Post Reply
Case
Registered User
Posts: 60
Joined: Tue Jun 06, 2006 9:44 am
Contact:

Re: Captchas and Human Readability - Discussion

Post by Case »

Just out of interest, how can bots get by something like this mod...

http://www.phpbb.com/phpBB/viewtopic.php?t=472940

It adds another question to the registration page. You set what the question is and (of course) what the answer is in the ACP.

I've installed it on my phpBB2 board and not had 1 spambot sign up. I was previously getting 10+ a day. I've even disabled visual confirmation.


So yea, can bots crack something like this? You can change the question/answer as much as you want. Seems pretty fool-proof to me but that's why I'm asking.

User avatar
Highway of Life
Registered User
Posts: 1399
Joined: Tue Feb 08, 2005 10:18 pm
Location: I'd love to change the World, but they won't give me the Source Code
Contact:

Re: Captchas and Human Readability - Discussion

Post by Highway of Life »

It is a good method, but it has two major flaws... user-unknowing and language support.

What happens if the person is from another society, and the question you ask the person is not familiar with the question, and therefore has to guess at the answer.
The you have problems with people who speak other languages trying to sign up on your board.
I know that if we had this MOD installed, at least 3 of our posting members would not be members due to language barriers.
So yes, it might be well to install the MOD, but as many go, it would still have it's cons.
I prefer spam prevention methods that require the least amount of user input, to decrease the possibility of user-error, but sometimes, a little is needed and good.
A Bot can also be programmed to look up answers for a variety of questions, even to look up the wikipedia for a possible answer, so if that kind of MOD got/gets popular, we would quickly see some spambots sprout up that are able to defeat it.
But as long as it stays obscure, programmers won't waist their time trying to program spambots around such barriers... in their mind, there are plenty of other forms, forums, and guestbooks to hit to be worried about a small handful that can defeat the spambots.

PMM, I love the idea of the delay, that is an excellent idea... *adds to list* Thank you!!
Image

User avatar
EXreaction
Registered User
Posts: 1555
Joined: Sat Sep 10, 2005 2:15 am

Re: Captchas and Human Readability - Discussion

Post by EXreaction »

Case wrote: Just out of interest, how can bots get by something like this mod...

http://www.phpbb.com/phpBB/viewtopic.php?t=472940

It adds another question to the registration page. You set what the question is and (of course) what the answer is in the ACP.

I've installed it on my phpBB2 board and not had 1 spambot sign up. I was previously getting 10+ a day. I've even disabled visual confirmation.


So yea, can bots crack something like this? You can change the question/answer as much as you want. Seems pretty fool-proof to me but that's why I'm asking.


And out of interest, what happens when the owner of said board is not up to configuring it right? How many legit users could get by it?

If you want to do things that way you might as well remove the registration page on your board...no bots can get in that way. ;)

Case
Registered User
Posts: 60
Joined: Tue Jun 06, 2006 9:44 am
Contact:

Re: Captchas and Human Readability - Discussion

Post by Case »

I've set it up on my board so the question they see on the registration page basically says 'Click HERE and follow the instructions'. They click on the link and it takes them to a page which says something like; "To register, type PASSWORD in the box".

So I'm just giving them the answer, they can't get the question wrong. I can change that password in a few seconds too if I want to make it unique everyday or something.

The language barrier might be a problem but I'd be surprised if anyone would want to sign up to an English speaking board who can't understand that. I see your point though.

I guess its just like having a required registration field only the answer has to be something you specify. The bots would find a way through in the end though, I guess. We can't win :(

User avatar
pc-tutorials
Posts: 27
Joined: Mon Aug 14, 2006 6:47 am
Location: Steenbergen, The Netherlands
Contact:

Re: Captchas and Human Readability - Discussion

Post by pc-tutorials »

Another idea to reduce the amount of spambots: make a system to install new anti-bot solutions easy. Then make a mod database with much different CAPTCHA's, a boilerplate question, a field shuffler, all those thing that are earlier mentioned above. Because much bots focus on one kind of those protections it will reduce the amount, as earlier said.
for($i=1;$i>0;$i++){
echo "Bug detected, fix in progress";
}
----------------
Sorry for bad English, I'm not native :)

Post Reply