[vox] good CAPTCHA

Thu May 7 21:09:46 PDT 2009

On Thu, May 07, 2009 at 05:45:01PM -0700, Don W wrote:
> I use 'reverse captchas', which include an extra text field on the
> page that is hidden by Javascript/CSS; any text in that field will
> cause the request to fail.  End-users can't see the field, so they
> don't put anything in it, whereas bots almost always do.

I did that recently.  If they fill out the 'email' field, I know it's
spam. :)  (The spam I get is mostly random gibberish.  I think it
mis-recognizes my survey form as some comment form.  So I don't actually
see whatever actual spam they're posting (URLs or whatever), nor does
anyone but me actually receive the message.)  It's helped _enormously_.

Security thru obscu----.

-- 
-bill!
Sent from my computer