Son of a Beach wrote:Q&A Captcha could be configured as the default for new installs, and the install procedure could make it compulsory to either change the Captcha to something else (with relevant warnings) or to supply at least X number of Q&A Captcha questions and answers.
Supplying question/answer combinations by default would be completely useless. XRumer, an evil forum spamming program, includes a file called
which includes > 2000 question/answer combinations. Any default question/answer combinations would immediately be added to this file. I'm sure other spamming software would have a similar way of doing this.
I do agree that the Q&A CAPTCHA and advice on how to prevent spam should be prevented in the documentation, and perhaps maybe even mentioned on installation.