Does CAPTCHA Really Work?
Tenken89, a member of the LockerGnome community, asks:
Do you find yourself annoyed by the scrambled numbers and letters you have to decode in order to gain access to a site? This CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) code is intended to trick robots by replacing text with an image that’s difficult for a computer to decipher. Unfortunately, it can also be difficult for most humans, as well.
The problem with CAPTCHA is that is doesn’t work, at all. There are companies that make a lot of money hiring employees to read and solve the CAPTCHA puzzles for them, being presented with them one by one for solving. Once the human has solved the puzzle, the bot takes over again and the site becomes the International House of Spam. In addition, text recognition software is becoming extremely powerful, and the tricks deployed by CAPTCHA can only work for so long.
Sites depend on an absolutely smooth user experience in order to keep the attention of their users. By putting a roadblock in front of them, site administrators are essentially taking an active step to keep legitimate users out of their site. On the other hand, a site filled with spam makes for a lousy user experience, as well. Alternatives are available, including a physical security key, third-party login services such as Open ID, and others.
So, what other alternatives are currently available? Chris Pirillo posed this question to the community on Google+, and here are some of the responses:
Scott Baker – Honeypots work almost as well and are MUCH less annoying for users.
Michael Knight – I use a Yubikey for tons of stuff, and it’s really simple to integrate it into your own site/code.