[thelist] junk entry into forms (captcha?)

[Luther, Ron]

Steven Streight asked:

>>is Hershel's example of  captcha vulnerable to bots? 
>>Having "two" next to the text input box might be easy 
>>for a bot to figure out "translate to numerical equivalent".


Hi Steven,


While not a noted bot expert, I just had to chime in because I believe 
the answer is a most definite "it depends".

The fun part is that I believe it depends on ... ROI!  ;-)

For most personal sites and quite a few small biz sites I think
Hershel's 
approach will be valid and effective.  I think few folks would be
interested 
enough in trashing any of _my_ sites to bother hardcoding a bot around a

simple logic question.

{Programmatically? No.  I don't think any bots are good enough to 
_efficiently_ break a logic system by themselves.  However, the simple 
systems we are talking about - enter the number "2", the word "white",
the letter "A" - any of 
those could be hardwired or have a range hardwired.}

However, at the same time, I don't believe this would be an effective 
approach for any high profile site that *could* be likely to be a target

for bot activity.  Say, for example, on-line reservation systems.


HTH,
RonL.

(So, since we don't have card keys widely adopted yet ... why don't we 
see more captchas combined with passwords in 'login' situations?)