- From: Phill Jenkins <pjenkins@us.ibm.com>
- Date: Thu, 17 Nov 2011 15:49:09 -0600
- To: "Mario Batusic" <Mario.Batusic@jku.at>
- Cc: "Denis Boudreau" <dboudreau@accessibiliteweb.com>, "Karl Groves" <karl@karlgroves.com>, "Patrick H. Lauke" <redux@splintered.co.uk>, w3c-wai-ig@w3.org
- Message-ID: <OF83B0614D.E08F3016-ON8625794B.0076FE3C-8625794B.0077DC99@us.ibm.com>
hmm, Mario wrote: ". . . The idea is simple: in the form there is an additional field for this fake captcha. The field is hidden from the user in the CSS. . ." Seems to me this would fail with screen readers, magnifiers, and keyboard users if the key board navigation still gets to the so-called hidden field. I suppose one could add a negative tab-index to remove it from the navigation sequence, but I would like to test one out before recommending this alternative technique. Phill Jenkins, IBM Research - Human Ability & Accessibility Center http://www.linkedin.com/in/philljenkins From: "Mario Batusic" <Mario.Batusic@jku.at> To: "Karl Groves" <karl@karlgroves.com>, Phill Jenkins/Austin/IBM@IBMUS Cc: "Denis Boudreau" <dboudreau@accessibiliteweb.com>, "Patrick H. Lauke" <redux@splintered.co.uk>, <w3c-wai-ig@w3.org> Date: 11/17/2011 03:25 PM Subject: Antw: Re: Example of accessible CAPTCHAS that work well Hi! Short time ago I found a CMS Drupal module with a very nice captcha implementation. This one lets the users unbothered. The idea is simple: in the form there is an additional field for this fake captcha. The field is hidden from the user in the CSS. The normal bots ignore CSS and fill all fields with some garbage. If the submitted form check finds the hidden field filled with data, the form is discarded. Ciao Mario >>> Karl Groves <karl@karlgroves.com> schrieb am 17.11.11 um 21:52 in Nachricht <CABScKPAcc26E5rsdZ+FpTLyLrMX4Z-9FkwUVPhYg5wPvTMrbrg@mail.gmail.com>: The Smashing Magazine article cited by Phil and Jennifer is a good one and one which should be shared among those who advocate for CAPTCHA. I question whether many of the so-called alternatives are truly alternative in security. I think the article is honest regarding each method's strength and weaknesses. As a developer myself, fighting spam and abuse is an ongoing battle that most people (even most web designers) really know little about. I've worked with clients whose sites get 10,000 pageviews per second. Companies like that are under constant barrage from people trying to gain illegitimate access to their resources. We need to keep this in mind when discussing potential alternatives to CAPTCHA. I'm by no means an advocate for CAPTCHA. I don't use it and never have. But we need to keep in mind that some so-called "alternatives" really are not alternative in terms of security, and any proposed alternative should offer an equivalent level of security while also being accessible. Karl On Thu, Nov 17, 2011 at 2:24 PM, Phill Jenkins <pjenkins@us.ibm.com> wrote: > This March 2011 article is worth reading > http://coding.smashingmagazine.com/2011/03/04/in-search-of-the-perfect-captcha/ > > several alternatives to CAPTCHAS discussed. > > Regards, > Phill Jenkins, > > > > > > From: Denis Boudreau <dboudreau@accessibiliteweb.com> > To: "Patrick H. Lauke" <redux@splintered.co.uk> > Cc: w3c-wai-ig@w3.org > Date: 11/17/2011 12:39 PM > Subject: Re: Example of accessible CAPTCHAS that work well > ________________________________ > > > Hello all, > > On 2011-11-17, at 12:24 PM, Patrick H. Lauke wrote: > >> On 17/11/2011 16:12, Ginger Claassen wrote: >>> Regarding accessible CAPTCHAS I found a very few so far where one has to >>> solve a very simple mathmatical question e.g. How much is 3 + 4? >>> In my opinion that is quite accessible or do I oversee something here? >> >> Could it pose problems for users with cognitive disabilities? And >> generally just weird out users ("why is this website asking me this?") and >> require lengthy explanation? My mum would be left wondering, anyway... > > Not only that, but the easier those equations are, the easier bots can crack > them too. So we're rapidly back to square one. > > /Denis > > > >
Received on Thursday, 17 November 2011 21:51:12 UTC