Web Development

  Homes arrow Web Development arrow The Trouble with CAPTCHA
 Webmaster Tools
Base64 Encoding 
Browser Settings 
CSS Coder 
CSS Navigation Menu 
Datetime Converter 
DHTML Tooltip 
Dig Utility 
DNS Utility 
Dropdown Menu 
Fetch Content 
Fetch Header 
Floating Layer 
htaccess Generator 
HTML Encoder 
HTML Entities 
IP Convert 
Meta Tags 
Password Encryption
Password Strength
Pattern Extractor 
Ping Utility 
Pop-Up Window 
Regex Extractor 
Regex Match 
Scrollbar Color 
Source Viewer 
Syntax Highlighting 
URL Encoding 
Web Safe Colors 
Forums Sitemap 
Weekly Newsletter
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

The Trouble with CAPTCHA
By: Bruce Coker
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 3

    Table of Contents:
  • The Trouble with CAPTCHA
  • Alternatives to CAPTCHA
  • More Alternatives

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    The Trouble with CAPTCHA

    (Page 1 of 4 )

    The technology world is full of terrible acronyms, but if there were a competition to identify the worst, CAPTCHA -- Completely Automated Public Turing test to tell Computers and Humans Apart -- would have to be a major contender. Nonetheless, anyone who has ever registered with a social networking web site or forum knows what a CAPTCHA graphic looks like. They are those strange, squiggly collections of letters that users are asked to type to confirm that they are in fact people rather than machines, based on the supposition that computers are unable to read the oddly shaped and colored characters. Having offered good protection for years, these are now under attack. Keep reading for today's alternatives to CAPTCHA.

    CAPTCHA is currently an important element of the registration process for many web sites because they must protect themselves from abuse, whether it be spam sent from webmail services, commercial exploitation, or automated postings to blogs and forums. On the whole, the system has worked reasonably well for a number of years, despite humans themselves often needing several attempts to get them right. This, you might imagine, only confirms the effectiveness of the CAPTCHA: if it's difficult for a human to solve, how much more challenging for a machine?

    The reality is somewhat different. Spammers and crackers are resourceful, and the value of accounts on legitimate systems is high to such people. As a result, the security of the CAPTCHA has become deeply compromised, to the extent that, according to an article published recently on Computerworld.com, up to 35% of attacks against the CAPTCHA systems of Microsoft and Yahoo are now successful.

    These attacks are carried out in a variety of ways that demonstrate the core vulnerabilities of CAPTCHA systems. The first main problem is that they are vulnerable to increasingly sophisticated Optical Character Recognition (OCR) software. This has led to the distortions in the letterforms becoming so great in order to deceive machines that they frequently deceive humans too. It isn't uncommon to have to attempt half a dozen or more CAPTCHAs to register for a single web site, resulting in frustration levels that cause these sites to miss out on some of the genuine human members on whom they depend.

    Typical CAPTCHA graphic, demonstrating typical CAPTCHA problems. Is the first 'P' upper or lowercase? Does it matter? Is 'cume' actually a word?

    The second major problem faced by CAPTCHA graphics is that no matter how elaborate they become in order to defeat software cracks, they will always remain vulnerable to circumvention by humans. In some cases this has resulted in the abandonment of attempts at machine-based circumvention in favor of an obvious solution: employing people to solve the CAPTCHAs.

    Teams of solvers operate in data processing centers, typically in low-wage economies such as India, where a "salaried" CAPTCHA solver requires approximately six seconds to produce a solution for which he or she is paid around $0.002. Services such as decaptcher.com have used this model to commoditize CAPTCHA solutions: you simply pay them via PayPal and wait for the solutions to roll in.

    More Web Development Articles
    More By Bruce Coker



    - On Page SEO for New Domains
    - Improve Your Site`s Speed
    - Safari Books Online Review
    - Creating an Estore From the Ground Up
    - Most Common SEO Mistakes Developers Make
    - Making the Most of Your Titles and Meta Desc...
    - Five Ways Using Flash Can Damage Your Site
    - A Web Designer`s Guide to Colors
    - Use Webstarts to Create a Free Site
    - More Than Just Looks. How Your Web Design C...
    - How to Design Content Pages
    - Mint Review
    - Make Your WordPress Website Look Professional
    - How to Create a Mobile Web Site
    - Meta Tags: Still Useful?

    Developer Shed Affiliates


    © 2003-2018 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap