Skip to main content.

Thursday, November 24, 2005

Captcha's

Captcha images are quite effective at halting comment spam. However, besides being inherently inaccessible, they're also quite annoying to regular users.

How to maintain a spam-free site, without annoying your users? That's the question.

One idea would be to make the captcha-generating code more intelligent. The NP_Captcha Nucleus plugin already does this in a limited way, by not generating challenges for registered site members. But that's only a start. There are a lot of possible tweaks.

How about never displaying the captcha challenge immediately? After the user hits the submit button, a set of rules (blacklist, heuristics, ...) could be used to identify a comment as "likely being spam". Only in such a case, the user would be presented with an actual captcha challenge:

This looks like spam

Result: in most cases, a user can post comments without interference of any kind. Only when a message has spam-like characteristics, an extra step is required.

How about the visually impaired, I hear you ask? The captcha should be accompagnied by an alternative audio-challenge. The challenge for developers here is to make such an audio file as good in telling computers and humans apart as a visual captcha. One site where I saw an audio captcha in action was the Passport registration wizard.

By the way, the same technique could be applied without the captcha. If the post looks like spam, the user could be allowed to fine-tune it, rather than dropping the post immediately. This is something which has annoyed me in NP_Blacklist in the past: a valid comment was seen as spam, a redirect to the spamtrap page occurred, and hitting the back button returned to an empty comment form :(

Just a bunch of thoughts...

Posted by karma at 21:56:39. Filed under: Thoughts

Comments

You should definitely read this discussion, Wouter:
http://forum.nucleuscms.org...

Posted by Roel at Friday, November 25, 2005 22:30:19

A smart captcha would be nice indeed. Captcha is my favourite anti-spam solution because it doesn't require human iteraction. Extremely easy to maintain and effective, but yes, very annoying to users. Educating the plugin to only show a captcha when the comment appears to be a spam would be brilliant.

It seems that the idea of random logic puzzles is easier to implement than "audio captchas", and they would be also accessible. "Which are the first and third letters of 'Dogville'?", "How much is 7 minus 4?" are examples of random logic puzzles.

I also think mistakes would be less common using puzzles than with those (sometimes very confusing) images.

Posted by moraes at Monday, November 28, 2005 16:46:29

@roel: Thanks for the link. I'll read it when I get some time.

@moraes: I think the difference with random logic puzzles is to make them truly random. If there are only a limited number of challenged, a spambot might be willing to learn how to interprete a sentence like "Which are the Xth [and Xth] letters of 'Y'?". Also, localization comes to mind.

Posted by karma at Monday, November 28, 2005 20:42:24

Indeed, spambots could learn how to solve puzzles. But for a small site with customized puzzles, it would be effective and less annoying than image captchas, I think.

Localization is a problem specially for non-English sites - they wouldn't receive comments from foreigners anymore (I assume most English sites don't want comments in foreign languages, so this would not apply to them :-P). I've never thought about this problem.

By the way, you could decrease the number of caracters in your captcha to 4 and it would still be effective! I use 4, and it is 33,3% better. Hehe.

Posted by Moraes at Monday, November 28, 2005 22:36:56

Installed this plugin today, it works great, comment spam was driving me crazy!

Posted by DiEPVRiESKiP at Saturday, December 03, 2005 19:35:37

testing captcha :)

Posted by Juan at Thursday, December 22, 2005 01:11:25

have you seen? http://www.thepcspy.com/kit...

Posted by kav at Wednesday, April 12, 2006 00:40:54

Good day today

Posted by fioricet at Monday, November 06, 2006 19:20:57

Add Comment

This item is closed, it's not possible to add new comments to it or to vote on it

Previous Item - Archives - Next Item