General Community > Site Comments, Issues and Concerns

Verification step is a serious usability problem

<< < (3/4) > >>

Bots have an easier time registering and posting than do humans. Where's the logic in that? :)


I must have been really tired when I posted. Yep, the bots do make quick work of unrestricted post access. :)

Just be happy SMF doesn't use Rechaptca. That's a real killer. I fail 9 out of 10 times on other sites.

The team could use my avatar verification mod and mod it to posting too, or make something similar. It's much easier just clicking the right image out of 10. Would stop just as many spammers, I guess.

Given that bots have advanced to the point where they seem to have an easier time with letter CAPTCHAs than people do, perhaps it's time to retire letter CAPTCHAs (or at least, don't use them as your sole line of defense). Other kinds of visual puzzles are possible, such as "identify the missing piece of the puzzle", or "what time does the clock face show" (use ornate hands, rotate the picture in random amounts, reverse the image, use abstract symbols instead of numbers [so long as 12 o'clock is distinct], put the watch stem at random locations, etc.). How much this will help with Third World humans in a spam farm remains to be seen. It shouldn't be any special problem for non-English speakers (provided the instructions are properly translated into their language), but blind and other handicapped users may have a problem here.

As I've said many times before, applications can't depend solely on a hard shell to prevent registrations by spammers (CAPTCHAs, other visual puzzles, Q&A) or harass newbies until they've "proved" they're probably not spammers. An application needs to implement in-depth defenses to examine posting patterns (including a large number of posts on the first day that a new member posts) as well as each post for suspicious qualities, and hold those out of posting until they can be reviewed.


[0] Message Index

[#] Next page

[*] Previous page

Go to full version