TAKE THE TOUR
MOST CAPTCHAS LOOK LIKE THEY WERE SCRATCHED
OUT BY SOME CHICKEN ON LSD
THE PURPOSE OF THE CAPTCHA IS TO KEEP SPAM BOTS OUT, WHILE LETTING HUMANS IN.
BUT TOO MANY TIMES, IT KEEPS HUMANS OUT BY FRUSTRATING THEM TO THE POINT THEY GIVE UP
IF THEY DO GIVE UP, EVERYBODY LOSES.
ARE YOUR VISITORS DOING THIS WHEN THEY TRY TO CONTACT YOU ABOUT A PRODUCT OR SERVICE YOU OFFER?
NOW THERE IS A SOLUTION. A CAPTCHA THAT WILL KEEP OUT THE SPAM BOTS, WITHOUT FRUSTRATING YOUR VISITORS.
PHP Form Defense is an image-based captcha. The user is presented with a question concerning one of the seven images displayed that they must match. The question does not contain the name of the item represented by the image. So it requires the person to reason out an answer. If you match the correct image with the question, you’re directed to the online form.
There are seven images displayed, one for each day of the week. So each day displays a new question with its corresponding image. You have to match that day’s question/image to get to the online form.
There are other ("secret") coding elements used to protect your form from direct access. Once the captcha has been answered correctly, it automatically generates a secret key, that must be matched by a key on the contact form. If the keys do not match or are missing, you are denied access to the form and directed back to the captcha. So the contact form is protected from unauthorized access.
There are seven images displayed, one for each day of the week. So each day displays a new question with its corresponding image. You have to match that day’s question/image to get to the online form.
There are other ("secret") coding elements used to protect your form from direct access. Once the captcha has been answered correctly, it automatically generates a secret key, that must be matched by a key on the contact form. If the keys do not match or are missing, you are denied access to the form and directed back to the captcha. So the contact form is protected from unauthorized access.
Making A Human Friendly Captcha
The real key to making a captcha that keeps out the spam bots, while letting in the humans, is not in the complexity of the visual presentation of the captcha, i.e., squiggly and unreadable characters. No, that is just frustration and abuse.
The real magic of the captcha happens "under the hood". If we understand how the spam bots attempt to read and to break a captcha, then we should be able to thwart their attempts.
The spam bots break a captcha by reading the underlying code. But if that code is made nonsense to the bot, then it will give up and move on.
That is what we've done with every version of Form Defense. Make the code "unreadable and nonsense" to the bots "logic" and it will get frustrated, instead of the captcha making humans frustrated. We have turned the tables on the spammers.
The only way a spammer can "break" the Form Defense Captcha, is to get the source code. However, even if he does that, and is successful at breaking the captcha, he has only "broke" the copy that he is working on. It does not affect the others that are in use out there, since some of the underlying security code is unique for each captcha in use.
The real key to making a captcha that keeps out the spam bots, while letting in the humans, is not in the complexity of the visual presentation of the captcha, i.e., squiggly and unreadable characters. No, that is just frustration and abuse.
The real magic of the captcha happens "under the hood". If we understand how the spam bots attempt to read and to break a captcha, then we should be able to thwart their attempts.
The spam bots break a captcha by reading the underlying code. But if that code is made nonsense to the bot, then it will give up and move on.
Frustrate the Spammers, Not Genuine Users
That is what we've done with every version of Form Defense. Make the code "unreadable and nonsense" to the bots "logic" and it will get frustrated, instead of the captcha making humans frustrated. We have turned the tables on the spammers.
The only way a spammer can "break" the Form Defense Captcha, is to get the source code. However, even if he does that, and is successful at breaking the captcha, he has only "broke" the copy that he is working on. It does not affect the others that are in use out there, since some of the underlying security code is unique for each captcha in use.
Screen Shots of Form Defense 3.0 Captcha
Captcha As Presented To User
Captcha On Image Hover
- Form Defense is an image-based captcha.
- The Captcha must be completed before access is granted to the online form.
- Your 'Contact Us' link goes directly to the captcha form, for best online form security.
- It requires matching an image to that day's statement.
- The images and corresponding questions are changed automatically on a daily basis.
- You control the images that are displayed. Change them as often as you like through the HUD (Handy User Display).
- The online form itself cannot be accessed without going through the captcha form first. Key codes must match between the captcha form and the contact form. If they don’t match or are absent, access to the contact form is denied. The user is automatically directed back to the captcha page.
- Form Defense 3 is screen reader friendly for the visually impaired.
- It also comes with an audio of the daily question, also for the visually impaired.
- The images enlarge to a nice, viewable size on mouse hover.
- User has option to resize the captcha text.
- Enter your email(s) and site’s URL through the HUD and forget it, or change it as you need to. Your email is totally hidden.
- Use the PHP Captcha by itself with your existing contact form (with some code additions to get the best security out of it).
- Or, Use the full Form Defense package, ready to go. Just ftp upload the files to your website’s root folder, open the HUD in your browser, make your image choices, enter your email and URL, and you’re set.
- Other security features are involved which are not discussed here.
