KeyCAPTCHA feedback

  • 2 Replies
KeyCAPTCHA feedback
« on: 11 / July / 2013, 02:40:36 »
As an active participant on Wikipedia, Stack Exchange, Pentax Forums, and other online communities, this forum represents the first time I have encountered KeyCAPTCHA.  While I understand the importance of preventing spam, the tedium of solving this type of CAPTCHA has made me concerned about it.

I realize that this forum has been aggressively attacked with spam which other anti-spam measures have failed to prevent. However, I find this CAPTCHA to be more tedious and time-consuming to solve than what I'm used to, and the difficulty ramps up too quickly after several successful solutions in quick succession.  (I realize the increasing difficulty is intended to be a security measure.)  This becomes very annoying when editing and previewing posts.  In addition, I haven't seen any mention of a minimum-post requirement for getting rid of the CAPTCHA, so how many posts do I need to make before I no longer have to go through the CAPTCHA?

I want to make it clear that it is not my desire to rant about this.  However, it would be nice if the administrators could make some adjustments to make the CAPTCHA less tedious to solve without making the site more vulnerable to spam.


Edit: The CAPTCHA requirement is removed after three posts.
« Last Edit: 11 / July / 2013, 04:12:49 by DragonLord »
Other online communities I'm in: Stack Exchange - Wikipedia - Pentax Forums

Re: KeyCAPTCHA feedback
« Reply #1 on: 11 / July / 2013, 06:32:07 »

Thanks for you input. I think you got most of it right, being the important bit the three post as minimum requirement for the captcha to go away.

I guess there arent' a lot of users that will actually use the board a few times or even become active users and see that captcha more than a handful of occurences.

For those that register, only use search or like yourself, make several intermediate operations like editing posts, you might see it a few more times.

As for the captcha itself - I obviously don't use it much, but tested it a lot before implementation, even on mobile devices - but I think it's easy solve, though not as fast as typing a pair of words.

But still, I think the outcome is positive. This site is not on a dedicated server and resources are limited. Spam attacks were the main cause for several serious performance issues the site had in the past and it's something I would like to avoid if possible.

Have fun!

Re: KeyCAPTCHA feedback
« Reply #2 on: 11 / July / 2013, 10:22:32 »
From what I've read online, the increasing difficulty seems to be inherent to KeyCAPTCHA and might not be under your control.  This characteristic makes KeyCAPTCHA less suited to online communities that require CAPTCHA protection for a large number of actions within a short time.

KeyCAPTCHA is clearly designed to be much more effective at preventing automated spam than other solutions like reCAPTCHA.  The escalating difficulty (which resets after 24 hours), the image at top right having different colors than the main image, and the random position (within the KeyCAPTCHA box) of the image to be solved, show that it is consciously designed to be future-proof against increasingly advanced attacks—even though there are currently no known automated attacks against it.  I think that with some tweaking (and this falls to the vendor of the KeyCAPTCHA solution, Mersane Ltd.), it can become mainstream.

Other online communities I'm in: Stack Exchange - Wikipedia - Pentax Forums


Related Topics