tdog.blog

You’ve seen these all over the place nowadays. They’re the funny little images right by a form submit button that ask you to identify the smudged up letters. Supposedly, these CAPTCHA devices prove my humanity (as opposed to my bot-ness). The goal is admirable: use a Turing test to keep evil spambots from polluting your blog comments and other database assets.

The problem is, most CAPTCHAs have been hacked in one way or another. Most CAPTCHAs are hard to use even if you have good vision, and to make them accessible to the blind, they require a voice component that is also easily hacked. What we need is some kind of Turing test that will easily tell humans and computers apart, and do so in a way that doesn’t involve math or computation (which by the way, is what computers are good at, duh!).

One of the best systems I’ve found is TextCAPTCHA.com which uses logic puzzles and other questions that confound computers but leave most humans unfazed. If you can answer the questions, you are free to submit your form. For example:

Two + 5 + one is ?

What word from “kidnapped, paws, garrulousness” begins with “k”?

The list ear, Wednesday, pink and John contains how many body parts?

What is seventy five thousand seven hundred and seventy three as a number?

What is John’s name?

So far, the site features 157 million different questions that you can access through a free Web Services API. You register for free, use the code he gives you to send in requests for questions and process responses, and there you have it: an accessible (it’s all plain text, no images) extremely hard-to-break CAPTCHA on your site. And since it’s a web service, you can use it on numerous sites if in fact you run a number of them.