 posted in security
on 6 February 2007
by Andrew Lang
View Articles By Category | View Articles By Month | View Articles By Latest
|
Preventing spam without CAPTCHA
Earlier we wrote about CAPTCHA as a way to prevent automated posting for online forms.
The obvious disadvantage to CAPTCHA is it requires a further action from the user, and CAPTCHA text is not always readable to those even with 20/20 vision! So it's also an accessibility issue.
CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". The onus is on the website visitor to prove they are human, rather than the spam 'bot'!
Spammers can automatically post online forms by guessing or learning the field names of the form. Even if you use an obscure field name for the email address (for example), all it takes is a person to understand this name, then tell the spam program to use this field name.
This got us thinking - what if the field names were randomised everytime an online form was accessed? We implemented this on a test website that received spam daily without CAPTCHA.
Over the last week, this mailbox was received zero spam using this new method, so it seems to be working.
Share this article:
 Digg it |  del.icio.us |  Stumble it! |  Reddit |  Furl
any quoted text is from source mentioned above - all other text is authored and copyrighted by puresilva.com
|
|
| |
|
| |
The puresilva shipping & handling facility allows you to make up your own shipping rules; base shipping on weight, gift-wrapping, next-day delivery, recorded delivery, areas like UK, Europe, rest of the World, or any locations you want. You make up the rules - you can even offer discounts! You can use as many rules as you want so your customers can choose their preferred shipping & handling for their products.
View demo | More puresilva features |
|
