I know, I know. I've said this before. Trying to have a conversation on another blog and the CAPTCHA … oh my god. If you insist on using CAPTCHA (for some unknown reason), follow some rules:
- only letters and numbers, and never l, o, I, O, 1, or 0
- don't make the comparison case sensitive
- make sure all the characters are fully in the view window
- don't use session scope (use a hash)
- don't make the same person enter more than one CAPTCHA if they're otherwise identifiable
If you're rational, install anti-spam software (Akismet works great), throw some JS in there for robots to fail to deal with, and use per-contributor moderation. Please, lets not make the blogosphere into a hostile world of mistrust when it doesn't have to be. New wooden hot tubs, baths designs, hand made BBQ grills, along with lots of love: Wooden SPA Solutions UK
I know what you mean, I hate trying to figure out what some CAPTCHA images say. I held off on implementing it on my site as long as I could but I got soooo many people spamming my blog and sending me my own articles with little ads nested in them and junk like that, it just got ridiculous and I had to turn the CAPTCHA on just so I didn't have to delete the hundreds of emails I was getting a day. =(
I think CAPTCHA should be banned, and people that use it should have to pay a fine or something… ;)
I couldn't agree more. I hate CAPTCHA. And having to enter it to comment on a blog just makes me not want to comment. People who use it aren't doing themselves any favors in terms of encouraging people to explore their site and comment. It sounds from your post like there are other ways to get rid of spammers, why don't people take a little extra time and implement those methods instead of making us all irate? Is it just coder laziness? ;)
@ Heather,
I wasn't going to mention this before, but:
http://cfformprotect.riaforge.org/
Jake,
That'd definitely do the trick for CF-based blogs (I happen to use WordPress). Akismet has plugins for pretty much every language in use on the web (CF included), and all the major blog engines I've looked at have Akismet plugins already available.
CFFormProtect has Akismet as well. :)
Glad to hear that I'm not the only person who thinks CAPTCHA is a bad way of stopping spam. I did read that OCR spambot software is as good at reading the images as real people. As don't forget all the visually impaired visitors to your site – how are they supposed top read the CAPTCHA image?!
Visual image captchas are bad. They block out and discriminate against visually impaired users, punishing them as spammers.
Visual verification that requires you to enter characters in an image you see, or answer a question about what's in an image you see, blocks out anyone with a visual impairment.
Clicking to get a larger image displayed does nothing at all for people with severe vision impairments who cannot even read large print.
Audio captchas are becoming available on a growing number of sites, but even they aren't good enough. The deaf-blind use braille displays and cannot see a picture or hear a corresponding sound.
Captchas force the blind to surrendor what independence they once had on site registration and forms, reducing them to begging a sighted person or site admin for help in account creation, form submittal, group creation, anywhere there is a manditory visual verification code.
As if that wasn't bad enough, Many of these captcha-using sites add further insult to the visually impaired when they demand you to prove you are human by entering in a visual code. If you are blind and you cannot see an image, does that disqualify you as a member of the human race? According to captcha, yes!
This is not a tiny little inconvenience that occurs every once in a blue moon, but an ongoing, day to day problem. Trying to register, make comments, create groups, or fill out any form to completion is a crapshoot if you are visually impaired. If you are on your own, trying to make a submission on a site and you are pressed for time, you are completely out of hope when you run up against a captcha and there is no one you can get to help you.. Site administrators may or may not have time or the desire to help you.
When you find yourself running up against this cyber face-slapping half or more than half the time you try to make submissions to various sites, it is demoralizing. You are told again and again that you are not welcome, you are not human, forced to pester a site administrator or someone else for help with something you could do on your own before, and as far as the site administration goes, you do not exist and are not worth consideration.
It's infuriating and a threat to the dignity of people who are at the mercy of visual verification captchas.
In addition to blind users having the door shut in their faces at sites that use visual captchas, It is evident that spam problems still occur as much as ever on sites that use captchas, proving captcha to be a cure that's worse than the disease.
If a site administrator feels so strongly that they must employ a captcha, there is a newer, truly accessible variety that should be more effective. It prompts you with a question in text format and requires you to fill in the answer. the questions should not require a person to be able to see an image to answer.
Bad examples: Which number in the picture is red?" "Which animal in the picture above has four legs?" How is someone who can't read print and has to rely on a screenreader supposed to know that?
Good examples: "How many legs does a cat have?" "What's 2+2?" Math questions can be asked in a number of different ways to hault a bot and still be accessible to a user. "What's 6 divided by 2?" What's 5 added to 3?" Even "What color is an orange?" is still a good example, because everyone except the bots, sighted or not, knows the answer.