W3C home > Mailing lists > Public > wai-xtech@w3.org > July 2007

Re: reCAPTCHA: AOL's CAPTCHA

From: Gez Lemon <gez.lemon@gmail.com>
Date: Wed, 18 Jul 2007 20:18:06 +0100
Message-ID: <e2a28a920707181218y645c0ef0ra7df063385f0e55f@mail.gmail.com>
To: "Ben Maurer" <bmaurer@andrew.cmu.edu>
Cc: "Evans, Donald" <Donald.Evans@corp.aol.com>, wai-xtech@w3.org

On 18/07/07, Ben Maurer <bmaurer@andrew.cmu.edu> wrote:
> On Wed, 18 Jul 2007, Gez Lemon wrote:
> > Finally, when someone enters their details, but makes a mistake and
> > the page is re-presented to them, if they have the answer to the
> > CAPTCHA correct, it would be good if the CAPTCHA is removed (or at
> > least hidden), as the user might think that was one of the reasons the
> > submission failed (even though the text would be red with an error
> > message if it was - it just helps remove any ambiguity, particularly
> > as CAPTCHAs can be intimidating).
>
> In general, this can be very hard for a site to implement. The issue is
> that it's easy to create a replay attack (a case where the solution to a
> CAPTCHA can be re-used).

If the block the CAPTCHA is contained in is hidden with display: none,
it would still be submitted with the form, but hidden in graphical
browsers with CSS enabled (and also from screen readers interacting
with the browser). User agents without CSS support will render the
CAPTCHA exactly how they do now. It would be a benefit for the
majority of users with no detrimental effect on those that haven't got
CSS.


Gez

-- 
_____________________________
Supplement your vitamins
http://juicystudio.com
Received on Wednesday, 18 July 2007 19:18:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 13:15:43 GMT