- From: Ben Maurer <bmaurer@andrew.cmu.edu>
- Date: Wed, 18 Jul 2007 11:06:18 -0700 (PDT)
- To: Gez Lemon <gez.lemon@gmail.com>
- cc: "Evans, Donald" <Donald.Evans@corp.aol.com>, wai-xtech@w3.org
Hey, On Wed, 18 Jul 2007, Gez Lemon wrote: > Finally, when someone enters their details, but makes a mistake and > the page is re-presented to them, if they have the answer to the > CAPTCHA correct, it would be good if the CAPTCHA is removed (or at > least hidden), as the user might think that was one of the reasons the > submission failed (even though the text would be red with an error > message if it was - it just helps remove any ambiguity, particularly > as CAPTCHAs can be intimidating). In general, this can be very hard for a site to implement. The issue is that it's easy to create a replay attack (a case where the solution to a CAPTCHA can be re-used). -b
Received on Wednesday, 18 July 2007 18:09:38 UTC