Captchas and Human Readability

Get help with installation and running phpBB 3.0.x here. Please do not post bug reports, feature requests, or MOD-related questions here.
Suggested Hosts
Forum rules
END OF SUPPORT: 1 January 2017 (announcement)
powersauce
Registered User
Posts: 1
Joined: Tue Feb 07, 2006 12:13 am

Post by powersauce » Mon Oct 16, 2006 3:01 pm

Ozidave wrote: For christ's sake,

Go back to an editable image and post the fonts over the top of it..

As it as the moment... Only a bloody machine could read the subtle variations and stupid choice of fonts.

Are we forgetting that machines don't read images and some twit is making nearly impossible for humans to read... ??

Why so many choices... ??

Give us 5 optional EDITABLE background IMAGES, with fonts over the top...

Captcha in v3x is OVERWORKED................... :(

As it is a the moment.... It's STUPID - AWKWARD TO USE / READ - AND A PAIN IN THE BUTT FOR "ANY" human USER WHO TRIES TO REGISTER... :(

And the light / medium / heavy options are a load of cr*p... Just four or five optional background-images (.gif / .png) choices would be more "Real"...... :(


You can just disable the CAPTCHAs you don't want or can't read. In the current release, there are seven policies to choose from. I highly doubt you cannot read any of them at all.
DaveMiller wrote: Would it be possible to have a registration option which would demand email confirmation (as per activation) before any user was created At All.


I don't see why you can't just disable the CAPTCHA and turn on user e-mail confirmation. But, either way, the user (spammer or not) will be able to register an account even if user confirmation is required.

Caedmon
Former Team Member
Posts: 855
Joined: Sat Mar 01, 2003 11:45 pm
Location: British Columbia, Canada
Name: Charles Flanders

Post by Caedmon » Mon Oct 16, 2006 4:24 pm

Ozidave wrote: For christ's sake,

Go back to an editable image and post the fonts over the top of it..

As it as the moment... Only a bloody machine could read the subtle variations and stupid choice of fonts.

Are we forgetting that machines don't read images and some twit is making nearly impossible for humans to read... ??

Why so many choices... ??

Give us 5 optional EDITABLE background IMAGES, with fonts over the top...

Captcha in v3x is OVERWORKED................... :(

As it is a the moment.... It's STUPID - AWKWARD TO USE / READ - AND A PAIN IN THE BUTT FOR "ANY" human USER WHO TRIES TO REGISTER... :(

And the light / medium / heavy options are a load of cr*p... Just four or five optional background-images (.gif / .png) choices would be more "Real"...... :(


Opinions are like arseholes... I'm sure you know the rest of the saying... Just because you don't like them means nothing in the grand scheme, and it's probably not going to change things. Over-generalizations also make you look moronic. ;-)
Former Moderator Team Member 2004 - 2012

dakirbydude
Registered User
Posts: 1
Joined: Sun Sep 10, 2006 3:02 am

Post by dakirbydude » Sat Oct 21, 2006 12:41 am

[spam : camm15h]

User avatar
DavidMJ
Former Team Member
Posts: 314
Joined: Thu Aug 04, 2005 12:50 am
Location: New York

Post by DavidMJ » Sat Oct 21, 2006 3:40 am

Ozidave wrote: stupid choice of fonts.
Go find more open source fonts, I'll wait here in the interim.

User avatar
lanesharon
Registered User
Posts: 400
Joined: Fri Dec 05, 2003 9:33 pm
Location: º• Confused! •º
Contact:

Post by lanesharon » Fri Oct 27, 2006 9:15 pm

My initial install of Olympus will be for a senior citizen website, so Captcha is going to be tricky. But, I do want to keep the bots off the forum registration form. So, to try and make this block readable, I used the Entropy Captcha, no pixel noise, no line noise. I know it isn't the best, if their is human intervention, but it should work for bots. I hope. LOL

User avatar
lanesharon
Registered User
Posts: 400
Joined: Fri Dec 05, 2003 9:33 pm
Location: º• Confused! •º
Contact:

Post by lanesharon » Fri Oct 27, 2006 9:24 pm

DaveMiller wrote: Would it be possible to have a registration option which would demand email confirmation (as per activation) before any user was created At All.


There is, go to the ACP --> general tab --> board config category --> user registration settings

First line - Account Activation - choose Admin

Now, you can change the welcome email that is sent out upon a new registration to ask the user to reply with some verifiable bit of info. Or add that to the registration form and, once you review it, activate them. Simple.

iamcam
Registered User
Posts: 16
Joined: Sat Aug 21, 2004 12:57 am
Location: 20,000 leagues under the sea

Post by iamcam » Sat Oct 28, 2006 3:48 pm

would an audio captcha work, or reworking it so maybe you would only pick-out every other letter, or type the string in reverse order? Or a combination?

It seems that if the policy was randomized and the bot only had a limited number of tries before it was locked-out it could prevent a lot of spam registrations.

I really don't know much about how the whole captcha process works, so this might not even be a viable solution. For those who are worried that their users might now be able to solve it, do remember that they can still register by sending the admin an email.

papabearpw
Registered User
Posts: 10
Joined: Sat Mar 25, 2006 12:34 pm

Post by papabearpw » Mon Nov 13, 2006 2:17 pm

I'll admit, I haven't read every single post in here. So, if I am repeating something....sorry.

I ran across something I thought was a pretty good idea. I don't remember where I saw it, but, instead of using a picture and having people copy the characters, this site was using a question and answer form. Where a simple question was asked and you have to provide the answer.

Example:

2+2=?
or
What is the name of this website?

Does anyone know how well this works?

User avatar
Lastof
Registered User
Posts: 743
Joined: Fri Feb 13, 2004 7:29 pm
Location: UK
Contact:

Post by Lastof » Mon Nov 13, 2006 4:21 pm

papabearpw wrote: I'll admit, I haven't read every single post in here. So, if I am repeating something....sorry.

I ran across something I thought was a pretty good idea. I don't remember where I saw it, but, instead of using a picture and having people copy the characters, this site was using a question and answer form. Where a simple question was asked and you have to provide the answer.

Example:

2+2=?
or
What is the name of this website?

Does anyone know how well this works?


For the first,

Google: 2+2=

As for the second, if there were preset question, then there would only be a certain number of answers, which the bot could be taught (how may site's names are also the url?). Also, the answer is ambiguious. Is this site called phpBB or phpBB.com? How many other names can you concieve for this site/

You could allow people to set them themselves, but, how many would? 10%, 15%, probabaly not more than that. Most users do the minimum to get it working, then leave it.

Similar schemes have been suggested and rejected for the above reasons, among others.
Last edited by Lastof on 04 May 2011, 00:00, edited -1 times in total
----------------------------------------------------------------------------------------------------------------------------------------
Image
Look, I'm officially not a bug!!

agent00shoe
Registered User
Posts: 373
Joined: Sat Feb 12, 2005 9:39 pm

Post by agent00shoe » Mon Nov 13, 2006 7:16 pm

papabearpw wrote: I'll admit, I haven't read every single post in here. So, if I am repeating something....sorry.

I ran across something I thought was a pretty good idea. I don't remember where I saw it, but, instead of using a picture and having people copy the characters, this site was using a question and answer form. Where a simple question was asked and you have to provide the answer.

Example:

2+2=?
or
What is the name of this website?

Does anyone know how well this works?

It works very well and many websites have switched from outdated visual captchas to question and answer systems. I've used this on one of my sites and it works just fine. You just fill in as many simple questions and answers as you want and they're displayed in random order. Each question can have as many correct answers as you want so it's very flexible.

These visual captchas are headed toward extinction so there's no point in trying to improve them. The harder they are for bots to read, the harder they are for people to read and it defeats the purpose if people can't read them. Since bots can't think, the question and answer style is the way to go.

papabearpw
Registered User
Posts: 10
Joined: Sat Mar 25, 2006 12:34 pm

Post by papabearpw » Mon Nov 13, 2006 10:01 pm

Lastof wrote: For the first,

Google: 2+2=

As for the second, if there were preset question, then there would only be a certain number of answers, which the bot could be taught (how may site's names are also the url?). Also, the answer is ambiguious. Is this site called phpBB or phpBB.com? How many other names can you concieve for this site/

You could allow people to set them themselves, but, how many would? 10%, 15%, probabaly not more than that. Most users do the minimum to get it working, then leave it.

Similar schemes have been suggested and rejected for the above reasons, among others.


Those questions were just an example of what I meant....not necessarily ones that should actually be used.

This may be just my opinion, but, anyone who is not willing to spend a few minutes throwing together a few simple questions and answers to protect their site....well....let's just say, I wouldn't feel sorry for them.
agent00shoe wrote: It works very well and many websites have switched from outdated visual captchas to question and answer systems. I've used this on one of my sites and it works just fine. You just fill in as many simple questions and answers as you want and they're displayed in random order. Each question can have as many correct answers as you want so it's very flexible.

These visual captchas are headed toward extinction so there's no point in trying to improve them. The harder they are for bots to read, the harder they are for people to read and it defeats the purpose if people can't read them. Since bots can't think, the question and answer style is the way to go.


Exactly what I was thinking. I would personally rather spend a few minutes to draw up some questions and answers than to repeatedly have to sign people up because they couldn't figure out the CAPTCHA. Which, by the way, is exactly what I have had to deal with.

Tempy
Registered User
Posts: 1
Joined: Sun Nov 19, 2006 8:12 pm

CAPTCHAs and human Readability

Post by Tempy » Sun Nov 19, 2006 8:18 pm

Hi all,

I know feature request time is over but I think to rate CAPTCHAs it would be nice to have some statistic function: Captchas passed successfully, Captchas answered wrong, the captcha that *was* answered wrong (i mean exactly the same image the user that answered wrong did see) etc.

angelp1ay
Registered User
Posts: 175
Joined: Tue Dec 23, 2003 1:32 pm
Location: Bristol, UK
Contact:

Post by angelp1ay » Mon Nov 27, 2006 11:01 pm

iamcam wrote: ...or reworking it so maybe you would only pick-out every other letter, or type the string in reverse order? Or a combination?

It seems that if the policy was randomized and the bot only had a limited number of tries before it was locked-out it could prevent a lot of spam registrations...

Perhaps you could have on the previous page something like "Please enter the 1st, 4th and 5th digits on the next page" where 1st 4th and 5th are randomly generated and assigned to that session.
papabearpw wrote: ...instead of using a picture and having people copy the characters, this site was using a question and answer form. Where a simple question was asked and you have to provide the answer...

How about writing an instruction in captcha! Instead of reading say "34jnbgs" and entering that the captcha could read "enter *blah* in reverse" or something like that?!?

I think making it more complicated than a simple *copy* paste operation is the key (even if the *copy* involves decoding a picture). You need to take advantage of how a person and a bot are different.

Hope I've helped ?!?

User avatar
Lastof
Registered User
Posts: 743
Joined: Fri Feb 13, 2004 7:29 pm
Location: UK
Contact:

Post by Lastof » Tue Nov 28, 2006 12:43 am

angelp1ay wrote: Perhaps you could have on the previous page something like "Please enter the 1st, 4th and 5th digits on the next page" where 1st 4th and 5th are randomly generated and assigned to that session.


So, why can't the bot look at the first page, remember which it must fill in, then look at the next page, read, then fill in the digits?
How about writing an instruction in captcha! Instead of reading say "34jnbgs" and entering that the captcha could read "enter *blah* in reverse" or something like that?!?


What happens if I'm French? Spanish? Klingon? I understand enough English to post a almost intelligible post on, say, some software's support forum, or I can use something like google to translate the web page. However, I can't understand what it says in the image, it won't have been translated along with the webpage. How do I register?

Even if we ignore that, I'm fairly sure they could come up with a bot that can decypher those. We could only have a limited number of different methods of saying what to put in, and in what way. It's take the bot authors slightly longer, but not by much.
Last edited by Lastof on 04 May 2011, 00:00, edited -1 times in total
----------------------------------------------------------------------------------------------------------------------------------------
Image
Look, I'm officially not a bug!!

angelp1ay
Registered User
Posts: 175
Joined: Tue Dec 23, 2003 1:32 pm
Location: Bristol, UK
Contact:

Post by angelp1ay » Tue Nov 28, 2006 1:02 am

Lastof wrote: What happens if I'm French? Spanish? Klingon?

If you are going to be picky, with kittenauth, what happens if someone doesn't know what a certain animal looks like? I had trouble finding some of the elephants due to the nature of the images - and I know what an elephant looks like!!

Ok, that's obviously being a little harsh, it seems like a decent idea, I still think it can be improved upon though.
angelp1ay wrote: You need to take advantage of how a person and a bot are different.

The key thing is you need to get some information across to the user in a form they understand easily but that a computer doesn't. There must be a concept that will really seperate us from them.

Locked

Return to “[3.0.x] Support Forum”