Why do sites even use captchas/recaptcha any more?

Discussion in 'Security and Legal' started by CM30, Jul 26, 2013.

  1. CM30

    CM30 Regular Member

    Joined:
    Jul 1, 2012
    Messages:
    901
    Likes Received:
    500
    Seriously, it does not work! It's harder for humans to get by than bots, has been made obsolete by two billion alternative ways of user verification (like question and answer, register timing, hidden fields, picture matching, etc) and is generally seen as a bad idea in general. So why do any sites even still use this?

    Don't they ever think 'hold on, we'll get way less spam and more real users' if we change our captcha equivalent? Are they too lazy to change it? Are there people out there who still believe recaptcha and its ilk actually work?
     
  2. ProSportsForums

    ProSportsForums Regular Member

    Joined:
    Dec 25, 2012
    Messages:
    529
    Likes Received:
    232
    Location:
    St Petersburg, Florida
    Honestly, I think it's because CAPTCHA is easier to set up than other spam blockers. It's built-in to many products.
    And if you do a cursory Google search for spam blockers it comes up at or near the top.
    A site owner has to know better to use something different.
     
  3. NotoriousMK

    NotoriousMK Regular Member

    Joined:
    Mar 5, 2013
    Messages:
    46
    Likes Received:
    12
    What would you advise to use?
     
  4. Cerberus

    Cerberus Admin Talk Staff

    Joined:
    May 3, 2009
    Messages:
    1,031
    Likes Received:
    500
    Recaptcha is impossible to OCR. Thus using it costs the people who are trying to bypass it money. They have to pay services to enter it for them. Though, it is not a lot, but it does add up quickly. Any other captcha is useless, recaptcha is not.
     
  5. Jura

    Jura Regular Member

    Joined:
    Oct 25, 2012
    Messages:
    108
    Likes Received:
    18
    People still use them because they still think they work. They are unaware of how to use questions, PlayThru, spam services, etc.

    I think you already knew the answer to this topic.
     
  6. GTB

    GTB Regular Member

    Joined:
    Jun 30, 2009
    Messages:
    1,791
    Likes Received:
    270

    You can also argue... why does modern forum software still offer it for using if that rubbish. XenForo has reCaptcha their as a choice. vBulletin 5 still uses old vB3 Captcha images at registration (as shown below). People use it because even modern forum software made now, will still insists on putting it in their for using.

    Snap1.png

    When perhaps it's about time they stopped doing it, when they know it's cracked for ages by spam bots - but still stick it in their forum software knowing it anway. That's what makes me laugh!
     
    Last edited: Jul 28, 2013
  7. cpvr

    cpvr Regular Member

    Joined:
    Aug 14, 2009
    Messages:
    3,219
    Likes Received:
    823
    I haven't used a captcha in a long time. I'm more of a fan of the question/answer system, it wields out the spammers.
     
    mscuban likes this.
  8. mscuban

    mscuban Regular Member

    Joined:
    Feb 11, 2012
    Messages:
    61
    Likes Received:
    5
    Location:
    USA
    I'm on another forum just as a user that went from one captcha to another. The second one in my opinion is too easy to bypass. I think that something better should be used, especially for those who are website owners for content writing which is what I do on my down time. Question and answer is much better for content writing websites as it will filter out plagiarism.
     
  9. nafretiti

    nafretiti Regular Member

    Joined:
    Jun 24, 2013
    Messages:
    46
    Likes Received:
    5
    Location:
    United States
    Can bots even get past captcha's? I didn't think they could and so that is why they have them to prevent that, they are pretty annoying when you have to type in those letters and numbers you sometimes can't read, you would probably think a computer can read all of that better then a human anyways and can break through it then. I do see the reasoning behind them though but are they really that safe for your website? I think anything is possible if it's programmed right to work around them.
     
  10. CM30

    CM30 Regular Member

    Joined:
    Jul 1, 2012
    Messages:
    901
    Likes Received:
    500
    Bots can get past captchas. They have been able to for a while now.

    And even if they couldn't, they used to have actual people crack the captchas and use the results to program the bot behaviour. Like having a captcha from a target site on a third party site a lot of people wanted to use.
     
  11. oldsmoboi

    oldsmoboi Regular Member

    Joined:
    Aug 3, 2013
    Messages:
    37
    Likes Received:
    8
    Location:
    Pittsburgh, PA
    Captcha in combination with other methods works well. I use it with a rotating question on my board and we get very little spam.
     
  12. Xenon

    Xenon Regular Member

    Joined:
    Feb 23, 2011
    Messages:
    15
    Likes Received:
    8
    I use KeyCaptcha on some of my sites. It is among the best I've seen.

    Someday someone will come up with a FAST, easy, and logical way to verify you're a human.
     
  13. CM30

    CM30 Regular Member

    Joined:
    Jul 1, 2012
    Messages:
    901
    Likes Received:
    500
    It exists and is called a turing test. Of course, how to set one up that ends up doing it's intended purpose is a very much matter of debate (see the wiki article) and makers of AI are always trying to make a machine that beats it. I guess the most practical way of doing this online would be sort of like a forum or chat situation on registration, but that seems too inconvenient.
     
  14. Xenon

    Xenon Regular Member

    Joined:
    Feb 23, 2011
    Messages:
    15
    Likes Received:
    8
    You missed the "FAST" part :p
     
  15. CM30

    CM30 Regular Member

    Joined:
    Jul 1, 2012
    Messages:
    901
    Likes Received:
    500
    I know. Unfortunately, there's no quick way to tell a human and a robot apart, at least that isn't easy for a bot to overcome with a savvy programmer. Captchas? Visual recognition is not exactly impossible for machines now. Questions? In theory they're good, but simple ones can be outdone by a database of answers and complex ones by much the same (if someone wanted to go that far with a spam bot). Games/flash stuff? If you can program an enemy AI for a video game, or a bot for a MMORPG, then you can theoretically program one to beat a flash game before spamming a forum.
     
  16. thebrad

    thebrad Regular Member

    Joined:
    Jun 29, 2013
    Messages:
    172
    Likes Received:
    18
    Location:
    Liverpool
    It obviously works if i have 0 spam bots i have none and i use them i have 2 when you sign up so people can't just register straight away, obviously some get past it but spam bots can get past anything.
     
  17. NotoriousMK

    NotoriousMK Regular Member

    Joined:
    Mar 5, 2013
    Messages:
    46
    Likes Received:
    12
    I used it because i was getting 100's of registration who were pure bots. Now I got none :)...satisfied for now.
     
  18. andyred

    andyred Regular Member

    Joined:
    May 24, 2013
    Messages:
    165
    Likes Received:
    34
    Location:
    UK
    I think it's better to have a simple question or number game.
    I've seen a few forums who have their question customised like:
    "Type in the Name of this Forum" or the abbreviations or something like that, which I personally thought was a lot better and user friendly.
     
  19. Alfa1

    Alfa1 Regular Member

    Joined:
    Jul 24, 2009
    Messages:
    303
    Likes Received:
    196
    i do not use captha or Q&A to hassle my users. Blacklists and scripts can work on the background.
     

Share This Page