Spam sucks – we all know that. While captcha certainly helps, it also alienates lots of folks. As a society, we’ve never been good at recognizing disabilities. I remember watching a near-blind computer user try to get past captchas and i felt terrible for what our industry does. Yet, i had never felt the frustration. Until today. The Webby Awards uses captcha on every vote. I wanted to vote for Cute Overload (omg… sooo cute) so i created an account to vote. It took me only 2 tries to get passed the first captcha. But the captcha that i got on Blog-Culture took me SEVEN tries to get right. I tried voting for two more categories – i got past the second one after 5 tries and then took another 8 to get past the next one. I gave up on voting. I wonder how many people stop participating because of stupid stuff like this? I’m trying to imagine my grandmother on her model dealing with captcha – that would so never happen (unless it looked like a Solitaire game).
Since i’m thinking about Cute Overload, i might as well share the picture from today that made me ooh and awww:
I had the EXACT same experience today with the Webby’s. And the exact same reaction. I voted for, like, two categories and then gave up. I thought I was the only one who couldn’t tell the difference between i I 1 and 7–seriously, the Webby’s use some of the most brutal captchas I’ve ever seen.
Kitten orgies make you ooh and ah?
Audio Captcha’s like the ones used for Hotmail signup are one way around this problem.
In the end, the difficulty of the Catcha has to be set to strike the right balance between human and computer recognition. Making it easier for humans makes it trivial for computers and your voting results are hosed.
Simple Captcha’s can foil the script-kiddies but they need to be fairly difficult to foil sophisticated attacks.
I’ll follow the comment thread to see if someone has a better compromise in mind that actually preserves the integrity of online voting results, other than just layering the security.
Probably this interesting article about captchas, spambots and accessibility. (In spanish, hope images in article could help to understand it)
The idea below this article is so simple: use option items, like Trivial Pursuit questions (but so simple) and use random-ordering for responses.
Next step: use images about known places (Big Ben in London, …, who knows: filtering by GeoIP we can set obvious questions?) and ask for city or country name.
I can see you’re using a simplified version (type ‘apophenia’)… after setting a list of possible expressions and some simple parameters, you could get an interesting captcha…
May be the biggest weakness about this system is language, Localization and/or internationalization, don’t you think? Mmmm… Following your explanation, my grandmother doesn’t talk english. Nothing more than Catalan or Spanish…
…and she would not be able to do what I’m doing because she wouldn’t understand the only required field. Ok, we are talking about disabled users.
Article pointed in URL is not mine and I don’t have any relation with this site, except to be a usual reader. Articles in this collective blog are very interesting.
Congratulations for your blog… and your papers, I’ve read some of them, founding great answers to some questions.
And… sorry for my english 🙁
When I first saw this post, I assumed that you were talking about how web sites have started to use cats as CAPTCHAs.
For example, the CAPTCHA for the image above might be, how many cute cats do you see?
Here’s some more on kitten captcha stuff.
How about a real Turing test – you have to convince the computer that you’re a woman in a 5 minute chat.
So… you’ve seen this, right?
http://www.thepcspy.com/kittenauthtest
The first step is building awareness that there is a major problem with captchas. I know this issue has been raised on the American Foundation for the Blind’s site and other sites dealing with online media.
Right now most of these web outfits using captchas don’t care because they think that the people who have difficulty reading these are not important to them because they are either too old, blind, visually-impaired, etc. Maybe if some of us showed up with picket signs outside their fancy headquarters and organized an online campaign against them, they would be forced to back down.
It may be time-consuming, but I put in comment moderation rather than captchas on my blog. I don’t have huge traffic or many comments, but this has kept out a number of spammers.
So thanks for raising this issue.
And here I thought you were leading up to a link to the cute-kitten substitute for Capchas…
I love your picture of kittens, btw…
This is an issue that needs to be dealt with. In thinking about accessibility think about all of your senses and varying combinations.
It is common for people to think that one solution is an audio captcha. You forget that there are those of us tht have eyes *and* ears that don’t work (the greatest).
Why is there a need for the wierd backgrounds that make it hard to pull out the letters? Why the squiggled letters that make it hard to tell if you’re looking at lower case, upper case or (sometimes!) a number! The one for this blog is at visably discernable if I get close and make it bigger.
Some sites use catpcha that require vision but not excellent vision and do have an audio captch as well.
Is a spam bot actually better deterred by these more difficult versions of captcha? Of course, this comment doesn’t come close to an answer 🙁 All I can do, at this time, is to make sure that people keep thinking about these issues and don’t settle for “solutions” that cause blocks for others.
Kelly G
Speaking of which, you refused to post my comment in your Wikipedia entry. Was there a problem with it? I am a bit confused.
Blissy – yeah, you exceeded the number of links so it had to go to moderation
you might want to check this out…
federal grants
For a system that works *right*, look at Making Light (although they don’t have a captcha at all; I don’t know how effective the mandatory preview by itself is at deterring spambots.)