Practical non-image based CAPTCHA approaches?

It looks like we’ll be adding CAPTCHA support to Stack Overflow. This is necessary to prevent bots, spammers, and other malicious scripted activity. We only want human beings to post or edit things here!

We’ll be using a JavaScript (jQuery) CAPTCHA as a first line of defense:

http://docs.jquery.com/Tutorials:Safer_Contact_Forms_Without_CAPTCHAs

The advantage of this approach is that, for most people, the CAPTCHA won’t ever be visible!

However, for people with JavaScript disabled, we still need a fallback and this is where it gets tricky.

I have written a traditional CAPTCHA control for ASP.NET which we can re-use.

CaptchaImage

However, I’d prefer to go with something textual to avoid the overhead of creating all these images on the server with each request.

I’ve seen things like..

  • ASCII text captcha: \/\/(_)\/\/
  • math puzzles: what is 7 minus 3 times 2?
  • trivia questions: what tastes better, a toad or a popsicle?

Maybe I’m just tilting at windmills here, but I’d like to have a less resource intensive, non-image based <noscript> compatible CAPTCHA if possible.

Ideas?

Add Comment
1 Answer(s)

Actually it could be an idea to have a programming related captcha set. For example:

Captcha

There is the possibility of someone building a syntax checker to bypass this but it’s a lot more work to bypass a captcha. You get the idea of having a related captcha though.

Answered on April 6, 2016.
Add Comment

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.