|
As you can see below, every post has a comment line and a field for a name to the left of it, there is no complicated image to solve, and no stupid intermediate step.
Yet, for a long while, no bots have managed to crack my captcha, possibly because mine is the only website to use this particular version of it.
Sure, a human can type in any old crap, but at least that is easier to cope with than a bot spamming hundreds of lines.
Unique captchas, different captchas, and using form IDs that that is either random or not conforming to the usual naming conventions will throw bots off as well, like naming your username "captcha" and your password "failure" no user should care, since they don't bother reading the code anyway, web browsers may not store these either, since you've broken an age old trend.
Doing the same thing that everyone else does is the root cause of others taking advantage of your conformity, we already do it enough in making sure to implement protocols to specification, and even getting that wrong too, leaving gaps for exploits.
Add a little chaos, be the snowflake, be unique, be different.
(Maybe a little too much random.)
|