Re: Alternate for Captcha - Need suggestions

Priti Rohra wrote:

> The questions would be picked randomly like
>     * What is the total of 2+2?
>     * What is the color of an apple?
>     * Which is the next day after Friday? 

I think this one is unwinnable.  I'm sure that Jonathon Chetwynd would 
object to this one if were still on this list, as it would lock out his 
clients, young adults with learning difficulties.

More generally, this is security by obscurity.  It only works because 
not enough people are using your question pool too make it worth the 
while of cataloguing it.  If you use patterns, instead, like:

What is the sum of %d and %d

and it becomes common, they will parse the question and do the arithmetic.

The standard tests work because they require particularly human skills 
which are not well emulated by software.

In practice, your system will work, but only because only a very small 
number of people are using it and the value of compromising the sites 
that use it not high enough.
David Woolley
Emails are not formal business letters, whatever businesses may want.
RFC1855 says there should be an address here, but, in a world of spam,
that is no longer good advice, as archive address hiding may not work.

Received on Friday, 9 May 2008 21:38:51 UTC