Alternatives to CAPTCHA

Post on 27-May-2015


Alternatives to CAPTCHA
By Jason T. Stiles

What is CAPTCHA?

Completely Automated Public Turing test to tell Computers and Humans Apart

Why use CAPTCHA?

To prevent automated software (i.e. 'bots') from performing any type of submission on a website.

Most common attacks:

● Account Registration

● Comment Spam

● Dictionary Attacks

● <any other type of form here>

Examples of CAPTCHAs

● Simple Image CAPTCHAs

● reCAPTCHA

● Voice CAPTCHAs

● Game CAPTCHAs

● KittenAuth

Simple Image CAPTCHA

reCAPTCHA

"reCAPTCHA improves the process of digitizing books by sending words that cannot be read by computers to the Web in the form of CAPTCHAs for humans to decipher."

Voice CAPTCHA

The characters are shown to you. Click the audio/handicap icon to hear the letters spoken to you.

Game CAPTCHA

Play the game! In this game, you put the non-flying objects on the ground: the Bus and Cow. If you can do it, you pass the test.

KittenAuth

Alternatives to CAPTCHA

● Math and Word Problem CAPTCHAs

● The JavaScript Trick

● The CSS Trick (Honeypot)

● ???

Math & Word Problems

● Is fire Hot or Cold?

● What does 1+3 =?

● 3 + _ = 5?

● My name is Jason Stiles. What is my last name?

● What color is the sky?

The JavaScript Trick

Add a field to a form dynamically with JavaScript and hide it from the user. Check on the server side if the field was submitted.

Most bots can't execute JavaScript, so the field won't exist and thus the test will fail (for the bot)!

JavaScript Code

    function addFieldTo(form_id) {
      var form = document.getElementById(form_id);
      var textbox = document.createElement('input');
      textbox.type = "text";
      textbox.name = "test";
      textbox.style.display = "none";
      form.appendChild(textbox);
    }

The CSS Trick (HoneyPot)

● Bots like to make sure they fill out every field on a form to better their chances of submitting a form.

● This trick places a simple input field on the form again and hides it from humans.

● The form handler then simply checks to see if the field is blank upon submission.

● If it is, we can say it was a human! If not, it's a bot!
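
The server-side half of both tricks, as an added example that is not part of the original slides: one check that the JavaScript-added field arrived and one that the honeypot stayed blank. The field name "test" comes from the slide's addFieldTo(); the honeypot name "website", the function name and the sample bodies are assumptions made for illustration.

```javascript
// Added example: server-side half of the JavaScript trick and the honeypot.
// "test" is the field name from the slide's addFieldTo(); "website" is a
// hypothetical name for the CSS-hidden honeypot input.
const JS_FIELD = 'test';
const HONEYPOT_FIELD = 'website';

// rawBody: the application/x-www-form-urlencoded POST body as a string.
function classifySubmission(rawBody) {
  const params = new URLSearchParams(rawBody);
  const reasons = [];

  // JavaScript trick: a browser that ran addFieldTo() submits the hidden
  // text box (with an empty value), so the key must be present.
  if (!params.has(JS_FIELD)) {
    reasons.push('js-field-missing');
  }

  // Honeypot: humans never see the input, so every submitted value must be
  // blank. getAll() also catches a duplicated key carrying a filled copy.
  const filled = params.getAll(HONEYPOT_FIELD).some((v) => v.trim() !== '');
  if (filled) {
    reasons.push('honeypot-filled');
  }

  return { verdict: reasons.length === 0 ? 'human' : 'bot', reasons };
}

// Constructed sample bodies (not captured traffic).
const samples = {
  browser: 'name=Ann&comment=Nice+post&website=&test=',
  noJsBot: 'name=x&comment=buy+pills&website=',
  fillAllBot: 'name=x&comment=buy+pills&website=http%3A%2F%2Fspam.example&test=x',
  dupKeyBot: 'name=x&comment=hi&website=&website=filled&test=',
};

for (const [label, body] of Object.entries(samples)) {
  const { verdict, reasons } = classifySubmission(body);
  console.log(label, verdict, reasons.join(','));
}
```

A visitor whose browser has JavaScript disabled fails the first check in the same way a bot does, so that check alone cannot tell the two apart.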

Remember this!

Humans FIRST! Bots SECOND! Websites are for humans to use, not bots. Make sure your tests don't degrade the experience for your visitors!
