W3C home > Mailing lists > Public > public-html-a11y@w3.org > March 2010

Re: keep CAPTCHA out of HTML5

From: Steven Faulkner <faulkner.steve@gmail.com>
Date: Wed, 17 Mar 2010 18:28:17 -0400
Message-ID: <55687cf81003171528j52a280d8mf4ad2e372c070a1b@mail.gmail.com>
To: Silvia Pfeiffer <silviapfeiffer1@gmail.com>
Cc: John Foliot <jfoliot@stanford.edu>, "Gregory J. Rosmaita" <oedipus@hicom.net>, public-html-a11y@w3.org
Hi laura, I am happy to modify the example to include warnings about the
essential inaccessibility of captcha and recommend it not be used, but think
that for cases when it is used, advice on how to make it accessible as
possible is still a good thing.

regards
steve
On 17 March 2010 18:24, Silvia Pfeiffer <silviapfeiffer1@gmail.com> wrote:

>  On Thu, Mar 18, 2010 at 8:34 AM, John Foliot <jfoliot@stanford.edu>
> wrote:
> > Silvia Pfeiffer [mailto:silviapfeiffer1@gmail.com]
> >>
> >> Very interesting indeed. It seems to indeed be a big accessibility
> >> challenge.
> >>
> >> Do images get transferred onto braille at all? Could it be done
> >> pixel-wise? I'm wondering if there could be a technical solution, even
> >> if it doesn't exist yet.
> >
> > I've seen some interesting experiments with tactile processing of maps,
> > etc., but the detail is also limited in some ways due to the amount of
> > visual data required to be conveyed. Most of those experiments relied on
> > some basic form outline's over-laid with image-map like area data. In
> > situations such as where we normally see CAPTCHA's used that additional
> > data would likely not be provided by the author.
> >
> > The problem with any kind of OCR-like solution here is that it is a race
> > to the bottom - if OCR does get better, CAPTCHA's will continue to get
> > increasingly complex to frustrate that improvement - a vicious circle
> with
> > no end in sight. At some point, the CAPTCHAs also become increasingly
> > difficult for sighted users to negotiate, further frustrating your user
> > base.  The foundation of the solution is flawed, thus any implementation
> > of that solution will also be flawed: being able to discern what a series
> > of glyphs represent does not represent cognition, which is what CAPTCHAs
> > are trying to determine (man vs. machine).
> >
> > I personally hold out more help for distributed authentication schemes
> > such as OAuth, etc. which requires a one-time determination of
> > 'authenticity' of your human-ness, after which you have a social key that
> > can be used inter-changingly. We are already starting to see solutions
> > like this emerge, where you can 'log-in' to locations using your FaceBook
> > account, G-Mail account, your twitter username etc.
> >
> > Establishing disabled-user support groups as CA like entities could help
> > here (for example, the RNIB could assist non-sighted users in the UK by
> > confirming them with an OAuth profile, which they then could use) -
> > ultimately what we have here (I believe) is a social issue, which will
> > require a social solution
>
>
> I understand Gregory's concerns now.
>
> I checked the spec and CAPTCHA is used as an example of an img element
> that doesn't have a @alt description. I guess that is a fair enough
> example.
>
> Maybe we could propose to add a sentence underneath that example to
> state that the use of CAPTCHAs is not encouraged by the W3C for all
> the reasons mentioned here? Namely it's just "security by obscurity",
> people have problems deciphering them and deaf-blind users have no
> means of dealing with them (at least until the introduction of a
> braille dimension to CAPTCHAs).
>
> Cheers,
> Silvia.
>
>


-- 
with regards

Steve Faulkner
Technical Director - TPG Europe
Director - Web Accessibility Tools Consortium

www.paciellogroup.com | www.wat-c.org
Web Accessibility Toolbar -
http://www.paciellogroup.com/resources/wat-ie-about.html
Received on Wednesday, 17 March 2010 22:29:09 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 04:42:03 GMT