Kasutage mõnda leidlikkust ja vältige Captchat


Võib-olla on üks halvemaid kasutajakogemusi, millega veebis jätkuvalt kokku puutun Captcha tehnoloogiat.

Captcha on see, kui pilt genereeritakse numbrite, tähtede ja mõnikord sõnadega, mille peate uuesti teisele väljale tippima. Selle eesmärk on nurjata kommentaari rämpsposti saatjate automatiseeritud vormipostitused. Kuna nad ei suuda koodi dešifreerida, ei saa nad ka valesid postitusi esitada.

Captcha puudused

  1. See on katkestav tehnoloogia. Ma ei saa teile öelda, mitu korda käin mõnel saidil kommentaari esitamas või sõnumit saatmas ja mind katkestab Captcha väli. See peatab voo ja peatab kasutajakogemuse. Ma ei kannata seda. Mõnikord loobun lihtsalt ja lõpetan saidi külastamise või tööriista kasutamise.
  2. Selle genereerib arvuti. Asjaolu, et selle genereerib arvuti, ütleb mulle, et kunagi lõhub selle arvuti. See on ainult aja küsimus.
  3. See on laisk. Probleemi lahendamise asemel paneb see kasutaja selle probleemi lahendama.

Parem lähenemine

Paar inimest on minult küsinud, miks ma ei kasutanud Captchat, kui kirjutasin oma kommentaarivormi pistikprogrammi. Ma ei kasutanud seda, sest tahtsin elamuse teha parem, mitte hullem, vältides samal ajal kommentaaride rämpsposti saatjaid. Vaid väikse leidlikkusega saaksid tarkvaraettevõtted need väljakutsed lõbusaks teha, mitte katkestada.

Minu väljakutse küsimus minu kohta kontaktide lehel on üsna lihtne, "viimane sõna minu blogi pealkirjas". Kuid see sunnib inimest sekundit üles otsima ja võib-olla isegi muhelema, et ta peab sisenema blogisse. Tore ja lihtne. Ei ühtegi värvi-, paisutatud, hullumeelset tähtede ja numbrite kombinatsiooni. Lihtsalt lihtne küsimus, millele arvuti ei saa vastata - ainult lugeja.

Facebook kasutab nüüd Captchat

Facebooki CaptchaViimane ettevõte, kes on Captcha stiilis tehnoloogia ohvriks langenud, on Facebook. See pole mitte ainult absoluutne silmaring, vaid ka vaevu võib dangi asja lugeda. Facebook on olnud väga tähelepanuväärne oma saidile mõnusate tööriistade ja integreerimiste väljatöötamisel ... kas nad pidid seda rumalat tehnoloogiat tõesti kasutama? Piisavalt halb, et sellel müüakse kirjutusmasinat ja teisi.

Mõni võib väita, et “see töötab”. See töötab ainult selles osas, et eemaldab probleemi veebisaidilt ja asetab selle kasutajale. See on andestamatu disain ja on paremaid viise! Tulge Facebooki ... kasutage võimalust, leiutage midagi! Ole loominguline.

23 Kommentaarid

  1. 1

    One innovative solution similar to captcha’s is HumanAuth (and KittenAuth). It’s also similar to your “last word in my blog title” idea. A human must read a clue and prove that they understand the semantics of the clue. No computer can do that, yet. But if you listen to AI folks, they will, soon! It’s just around the corner, really!

    If HumanAuth or something “standard” that computers can’t do would catch on and go into widespread use, it would somewhat alleviate the interruption you’re talking about.

    BUT, you still have to be careful on the implementation. HumanAuth’s sample that I just went and looked at again has a flaw! The moment you click the right 3 images, it changes a button to let you know you’ve got it right. That’s ok, but it gives you unlimited clicks, so a simple recursive algorithm could easily figure out the 3 images.

    Your idea is simpler and simple usually means there’s less that can go wrong.

  2. 4

    Interesting opinion, though I am not really sure it deserves it’s own blog item…
    But what does one not do for just a little bit of attention… 😉

    Anyway, our site (http://ajaxwidgets.com) does not have a captcha for our blog system. And fact is that 99.99% of all spam blogs are being denied by the simple fact that we don’t allow HTML…!
    In addition we’re using “link condoms” for the URL field which also takes away a lot of spam. Not really all that hard 🙂


    • 5

      My objective wasn’t attention, Thomas. It really is to bring attention to a technology that is ‘acceptable’ mainstream but is not user friendly.

      Your example of how you’re dealing with it is exactly my point, there are definitely less intrusive ways of dealing with the problem.

      Thanks, Thomas! And I love widgets, so I’ll be checking out your site!

  3. 6

    You fail to mention captcha’s which arent the tired and true distorted text image based ones.

    A captcha can be many things, text based, question and answer, subjective (pick cutest puppy) and these are much quicker to use and make more sense that trying to figure out if that is an o or a 0.

    I agree with you, and I hate them also, but your post didnt even cover the full breadth of the topic, and didnt offer any ideas about how to fix it.

    • 7

      Hi Garrow,

      I agree – I didn’t come up with the best solution… that’s what my call is to the companies with great resources and user experience experts. My motivation for writing the post was after seeing Facebook use this technology.

      I also didn’t realize that Captcha technologies overlapped outside of the simple font graphic that a user has to submit. If Captcha technology is expanding their footprint into challenge questions and answers that can be made to enhance, not degrade, the user experience, I’m all for them!


  4. 8

    Use variable-variable names. Once the user comes to the page set a session cookie that contains a random number. Then give your “input” tag a name=”comment__[title]”, and so one for the rest of your fields.

    Then reset the number every time someone visits the page.

    That will ensure it’s a human person going to the page: for a little while.


  5. 9

    I totally agree with you. CAPTCHA’s are a pain in the …

    However, it is really really easy to write an invisible CAPTCHA that does the trick. There are many different ways of doing it.

  6. 10

    Captcha’s can be annoying. Some more than others. I’ve seen some that are impossible to read (which defeats the purpose). I use the “bad” type of Captcha you described in a few projects. However, I make it easy enough to read so that the human isn’t having to contort his/her brain to make sense of it. Also, I only “captcha” when the user registers, not every single time they give input into the site. It isn’t a perfect system, but I consider it low on the human annoyance factor.

    There you go, we could start rating Captcha’s on their “HAF” (Human Annoyance Factor), Spammer Annoyance Factor, etc.

  7. 12

    I don’t want to belittle your plugin but there’s already a much better way to filter spam in wordpress. There’s an amazing plugin that I use called SpamKarma and uses all kinds of heuristics to determine whether this post if human or whether it’s spam. I’ve been using it for about 1 1/2 or 2 years now and once it flagged someone’s comment as spam and once it wasn’t sure so it asked the person to fill out a captcha and then let the comment through. It catches hundreds of spam comments a week though and never lets any through.

    I hate captchas as well. If I really had to write a captcha I would do it like http://www.hotcaptcha.com/ since picking out the pretty people or the furry animals or the whatevers out of a series of images is trivial for humans and extremely difficult for automated scripts.

    • 13

      Hi Smokinn,

      I don’t use SpamKarma but I have heard of it. I do utilize Bad Behavior and I’m probably only having to deal with 10% of the comment spam I had before.

      I’ll check out Hot Captcha – sounds similar to what I’d like to see.


  8. 14

    This post is pointless. Your solution doesn’t scale. A “bot” could be easily programmed to bypass your security measure by filling out “blog” every time. The solution has a finite number of questions – as many questions as you care to write. How would facebook, ticketmaster, or yahoo implement such a solution?

    This post was just ridiculous enough to get some attention and drive up your ad revenue. You’re going to have to try harder to “tip” this blog. I’d start with content worth reading.

    • 15

      Wow, Matt. Someone sounds a little grumpy today.

      Sounds as though you didn’t actually read my post. I never said my solution would scale nor should it be used by these companies. I tegin say that I’d like to see some companies (like Facebook) come up with a more ingenious solution. My plugin does allow you to change the challenge question and answer whenever you’d like – no bot is going to keep up with that. To date, I’ve had no SPAM on my contact page from this solution.

      One example: Perhaps Facebook could actually profit from using an advertisement on the page and asking “Who’s ad is on this page?”. Anything is better than punching in a bunch of numbers and letters – if you can actually read them.

      Cheers! Be sure to subscribe! hehe

      • 16

        The “Who’s ad is on this page” is an interesting idea. I’ve seen it implemented before on a website called Moola.com. However, they use it specifically as a way to direct attention to their advertisers (as an interstitial) rather than a spam-prevention method.

        Some of them would even force you to watch a 20 second ad video and then answer a question such as “Which company was this ad for?” While, I’m not a fan of that particular method (I hate to wait), it would be interesting to see what something like that does to ad revenue.

  9. 17

    Apart from annoyance factor, which is huge, CAPTCHAs are regularly inaccessible for anyone with less than perfect vision.

    Imagine a CAPTCHA that you find difficult to read and then let someone with poor vision have a go. Difficult? Almost impossible.

    How about someone with no vision at all, surfing the web with a screen reader or braille technology. A CAPTCHA is designed such that programs can’t read it. In this case, neither will the disabled user.

    There are few accessible CAPTCHAs, ones that include a voice CAPTCHA for those who can’t see are an example, but the added usability concerns make it a technology that I would never consider implementing. Beat the spammers another way, don’t make your real users pay (also the reason I use the dofollow plugin).

  10. 18

    Captchas aren’t bad. Bad captchas are bad. If they are so hard to figure out that you can’t read it, then that is bad.

    However I think the better solution is a basic math question, three variables:
    1. Number 1 (0-9)
    2. Number 2 (0-9)
    3. Solution

    It is done so the math is very easy, and you can figure out what the answer is from a script standpoint rather easily.

  11. 19

    One neat solution I encountered somewhere was a checkbox labelled “I’m a spammer”, that came unchecked by default. Granted, it’s more useful in the context of preventing automated signups than on comments (as blog comments usually don’t have checkboxes that need checking).

    Of course in the end it’s just a matter of time before AIs break that. But I don’t think there’s a perfect solution than robots will never break, so this is good enough and doesn’t disrupt user experience at all (unless, of course, you consider yourself a spammer…)

  12. 20

    What is with the negative comments about this being an “attention getting” post? Since when was it a bad thing to add your voice to the discussion. Heck, with 17 comments already, it is obviously a topic people are interested in.

    Besides, if this is a topic that gets people’s attention, why the heck would you _not_ want to blog about it?

  13. 21

    How is that not a CAPTCHA?

    True, its not the usual mangled letters in an artificially grainy image, but it is something trying to tell computer and human apart.

  14. 22

    Yeah, I agree that captchas are a little irritating, and I’m sorry to realize that they’re a hurdle for disabled users, but I recently just
    raevunud about how much I appreciate the dual nature of the reCaptcha system, in that it blocks spam (though not 100% effectively, as you point out) while helping to decipher books, and I’m still a fan.

    No disputing their detrimental effect on user experience, but you have to admit that using minimal effort from each member of a vast pool of humans to do what even a very brainy computer cannot (read mangled text that defies Optical Character Recognition) is a pretty elegant solution.

    Though generally speaking, yes, I’m all for using creativity instead of code when possible.

  15. 23

    Hei seal,

    Nice concise post. I, too, disagree with the flames regarding your post’s possible intention. Especially where others point out your lack of providing an “answer” or “alternative,” which I could have sworn you did with your comment-form plugin and discussion of your contact page (or did I miss something? 😉 I think too many people form opinions (and share them) without bothering to read even a relatively short post, such as this one, before they lash out (which accomplishes next to nothing)

    This is an interesting debate and, no matter whether a solution is proffered, worthy of writing about if you want. It’s your blog, after all and – this is what bothers me the most about some of the comments – since when has blogging become a public responsibility? If you want to write about something, write about it. Anybody who doesn’t want to read still has the option to not read it. If you were charging a fee, this would be a different story, but, if I’m correct, weblogs spawned from the mass’s desire to post just about anything and/or everything that pops into their head and put it out for public display, or to make it easier to share with friends. Many blogs’ contents are not publicly accessible or even interesting to those not directly involved.

    I had to laugh when I read about using this post to jack up your ad revenue. Perhaps (and I do hope so) your experience has been better than mine, but – unless you’re blogging to promote a product – you can write about captcha or you could write about how smelly generic dog food is and your contextual ad system will pay out at its usual unpredictable rate in either situation 😉

    That being said, if the CAPTCHA makers are reading, thank you for adding the audio! Black blackground with a tumultuously wavy white grid foreground over which ghostly white (and grossly distorted) letters are posted (sometimes over the edge of picture) is a perfect example of a situation that a human with reasonably decent vision will have difficulty deciphering, but a program will probably easily solve over time.

    Ainult minu 2 senti,

    Best wishes to you,


Mis sa arvad?

Sellel saidil kasutatakse rämpsposti vähendamiseks Akismetit. Vaadake, kuidas teie andmeid töödeldakse.