Re: reCAPTCHA: AOL's CAPTCHA

Hey,

On Wed, 18 Jul 2007, Gez Lemon wrote:
> Finally, when someone enters their details, but makes a mistake and
> the page is re-presented to them, if they have the answer to the
> CAPTCHA correct, it would be good if the CAPTCHA is removed (or at
> least hidden), as the user might think that was one of the reasons the
> submission failed (even though the text would be red with an error
> message if it was - it just helps remove any ambiguity, particularly
> as CAPTCHAs can be intimidating).

In general, this can be very hard for a site to implement. The issue is 
that it's easy to create a replay attack (a case where the solution to a 
CAPTCHA can be re-used).

-b

Received on Wednesday, 18 July 2007 18:09:38 UTC