W3C home > Mailing lists > Public > wai-xtech@w3.org > July 2007

Re: reCAPTCHA: AOL's CAPTCHA

From: Ben Maurer <bmaurer@andrew.cmu.edu>
Date: Wed, 18 Jul 2007 11:06:18 -0700 (PDT)
To: Gez Lemon <gez.lemon@gmail.com>
cc: "Evans, Donald" <Donald.Evans@corp.aol.com>, wai-xtech@w3.org
Message-ID: <Pine.LNX.4.64-044.0707181104430.5857@unix31.andrew.cmu.edu>

Hey,

On Wed, 18 Jul 2007, Gez Lemon wrote:
> Finally, when someone enters their details, but makes a mistake and
> the page is re-presented to them, if they have the answer to the
> CAPTCHA correct, it would be good if the CAPTCHA is removed (or at
> least hidden), as the user might think that was one of the reasons the
> submission failed (even though the text would be red with an error
> message if it was - it just helps remove any ambiguity, particularly
> as CAPTCHAs can be intimidating).

In general, this can be very hard for a site to implement. The issue is 
that it's easy to create a replay attack (a case where the solution to a 
CAPTCHA can be re-used).

-b
Received on Wednesday, 18 July 2007 18:09:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 13:15:43 GMT