Visual Confirmation
Forum rules
Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here. Feature requests are closed.
Discuss features as they are added to the new version. Give us your feedback. Don't post bug reports, feature requests, support questions or suggestions here. Feature requests are closed.
Re: Visual Confirmation
Try adding a simple math problem in the image (or a harder one possibly).
http://www.myinformationalsiteii.c-f-h.com/" target="_blank
http://www.best-free-webtools.com/" target="_blank
http://www.coolreader.net/dev/" target="_blank
http://www.best-free-webtools.com/" target="_blank
http://www.coolreader.net/dev/" target="_blank
Re: Visual Confirmation
Aren't those easier for computers to crack then for humans?
- Cheater512
- Registered User
- Posts: 245
- Joined: Thu Mar 23, 2006 1:29 am
- Location: Brisbane, Australia
- Contact:
Re: Visual Confirmation
If the bot can read them then yeah it makes no difference.spambot wrote: Aren't those easier for computers to crack then for humans?
Re: Visual Confirmation
I know the hope is for an effective method of spam prevention that is automated, and requires no work on the administrator's part. However, I wonder if there are sufficient efforts to make it easier for administrators to manually approve based on direct communication with registrants.
For preventing *registration* by spammers, one method would be to require registrants to answer one or a few questions specific to the forum, which would be emailed to the administrator (or posted on an easy-to-use administrator's response page). E.g. Please tell us a little about your background and interest in the subject of this forum. If the nature of the answer isn't coherent or relevant enough to convince the administrator they are legit, they could either simply disapprove, or send a follow-up question by e-mail if they're not sure.
The follow-up message to the registrant could be from a "do-not-reply" address to prevent being added to an e-mail spam list, with an embedded link to a form where they need to respond.
There could also be an option for an administrator's policy, such as I've seen on some blogs: Moderate every new registrants first post (or first several, a number chosen by administrator). Once it's been established their posts are not irrelevant, machine-generated posts, they are no longer moderated.
For preventing *registration* by spammers, one method would be to require registrants to answer one or a few questions specific to the forum, which would be emailed to the administrator (or posted on an easy-to-use administrator's response page). E.g. Please tell us a little about your background and interest in the subject of this forum. If the nature of the answer isn't coherent or relevant enough to convince the administrator they are legit, they could either simply disapprove, or send a follow-up question by e-mail if they're not sure.
The follow-up message to the registrant could be from a "do-not-reply" address to prevent being added to an e-mail spam list, with an embedded link to a form where they need to respond.
There could also be an option for an administrator's policy, such as I've seen on some blogs: Moderate every new registrants first post (or first several, a number chosen by administrator). Once it's been established their posts are not irrelevant, machine-generated posts, they are no longer moderated.
-
- Registered User
- Posts: 30
- Joined: Fri Oct 07, 2005 1:37 am
Re: Visual Confirmation
This somewhat reminds me of another forum (either IPB or SMF, which I dislike both of course because phpBB is the best!) but it could be done some sort of cheap way with phpBB...erm. Well on other boards, you can set the user to be upgraded to a different usergroup depending on the amount of posts they have. So, you could have the default user group have their posts moderated in forums, then, once they reach xx posts, they are bumped up to a normal member which does not have moderated posts....There could also be an option for an administrator's policy, such as I've seen on some blogs: Moderate every new registrants first post (or first several, a number chosen by administrator). Once it's been established their posts are not irrelevant, machine-generated posts, they are no longer moderated.
... the only problem with this is phpBB lacks an automatic upgrade on user groups. At the same time, I think it is a bad feature that could allow someone to gain power when you don't want them too. ... and it is just plain old confusing in general.
My one comment about the visual confirmation is that I tried registering a test account on my own phpBB3 test board, and I couldn't sign up without turning off the confirmation because I had a horrible time reading the dumb letters and numbers and figuring out what is what.
-
- Registered User
- Posts: 1
- Joined: Sun May 14, 2006 3:26 pm
Re: Visual Confirmation
Hi, I am a human from the planet earth.
The visual confirmation images are way too hard to read for me. When do I know what the font's 'small letter' or 'big letter' is when they seem to change size randomly sometimes? It's made to fool the scripts isn't it, but then why did I have to spend 16 attempts including cookie resets to register? (which you can probably get scripts to do for you anyways? Macro? Something?)
I don't have any problem with my eyes, don't wear glasses or contacts and I'm able to read stuff even when it's small and far away. If I upgrade to this when it comes out I'll think all the users will be suffering the same hassle, and what if they don't know how to reset their cookies?
These are some problems from me, I don't like it and registration wasn't comfortable at all for me because of this :/
I just wanted to say.
The visual confirmation images are way too hard to read for me. When do I know what the font's 'small letter' or 'big letter' is when they seem to change size randomly sometimes? It's made to fool the scripts isn't it, but then why did I have to spend 16 attempts including cookie resets to register? (which you can probably get scripts to do for you anyways? Macro? Something?)
I don't have any problem with my eyes, don't wear glasses or contacts and I'm able to read stuff even when it's small and far away. If I upgrade to this when it comes out I'll think all the users will be suffering the same hassle, and what if they don't know how to reset their cookies?
These are some problems from me, I don't like it and registration wasn't comfortable at all for me because of this :/
I just wanted to say.
Re: Visual Confirmation
Some suggestions:
- Read this to find out why
- Turn off Visual Confirmation
- Make your own
Re: Visual Confirmation
May I suggest three nice and easy option for prevent automatic captcha passing:
1. Make background with characters (but almost not visible). For automates it will be recognizable but human will read only those strong. To making this more complicated you can make two layers of captcha file - background (with very gray characters), and foreground (with black or color)
2. Post two captcha on one page and ask to put right cod in first, and FALSE in second. You can put even more captcha with randomizing order. You can also use randomize text for explanation (like: write FALSE, write Mistake, write nut True ...etc)
3. Use fonts which add small characters to some of them. F.e. G___Ta__ H___ Su__Z - this is only 5 characters with two odd.
1. Make background with characters (but almost not visible). For automates it will be recognizable but human will read only those strong. To making this more complicated you can make two layers of captcha file - background (with very gray characters), and foreground (with black or color)
2. Post two captcha on one page and ask to put right cod in first, and FALSE in second. You can put even more captcha with randomizing order. You can also use randomize text for explanation (like: write FALSE, write Mistake, write nut True ...etc)
3. Use fonts which add small characters to some of them. F.e. G___Ta__ H___ Su__Z - this is only 5 characters with two odd.
http://www.genealogia.okiem.pl - Polish genealogical site
- Highway of Life
- Registered User
- Posts: 1399
- Joined: Tue Feb 08, 2005 10:18 pm
- Location: I'd love to change the World, but they won't give me the Source Code
- Contact:
Re: Visual Confirmation
The problem is that most CAPTCHA's that are readable by humans can be readable by bots. The more difficult you make the CAPTCHA for a bot, the more difficult it will be for the human. There are many "tricks" being used by phpBB to make the CAPTCHA very difficult to crack, but it is always a matter of time before the bot script creators eventually figure out a way to read that particular CAPTCHA, it is then necessary to come up with a new method that will fool the bot scripts until they figure that one out.okiem wrote:1. Make background with characters (but almost not visible). For automates it will be recognizable but human will read only those strong. To making this more complicated you can make two layers of captcha file - background (with very gray characters), and foreground (with black or color)
The only "sure" way to prevent spam registrations is for each board owner to implement a truly unique spam prevention method on their board.
This is extremely easy for bots to figure out and will only add annoyance for users.okiem wrote:2. Post two captcha on one page and ask to put right cod in first, and FALSE in second. You can put even more captcha with randomizing order. You can also use randomize text for explanation (like: write FALSE, write Mistake, write nut True ...etc)
Logic puzzles are never a good idea because there are humans that will have problems figuring those out.okiem wrote:3. Use fonts which add small characters to some of them. F.e. G___Ta__ H___ Su__Z - this is only 5 characters with two odd.
- EXreaction
- Registered User
- Posts: 1555
- Joined: Sat Sep 10, 2005 2:15 am
Re: Visual Confirmation
People need to stop relying on captchas to prevent spam. They only work for so long and make things much more difficult for end users. Don't want someone posting xxx.com in your board? Well just use a mod that blocks certain words from being posted and put in xxx.com as a flag word. Now spammers can only spam a website once, after they do you just add the domain to the blocked list and you'll never get that again.
All you do by making harder captchas is make people work harder to register on your site. Isn't the goal usually to get more members? Why would they register at your site when they have to work harder to do it? If you make it too hard you just won't get any new registrations.
All you do by making harder captchas is make people work harder to register on your site. Isn't the goal usually to get more members? Why would they register at your site when they have to work harder to do it? If you make it too hard you just won't get any new registrations.