If you have filled out online forms, you have probably encountered CAPTCHA technology. CAPTCHAs are the distorted images you will see at the end of web forms that is used to tell apart humans and spam bots.
With CAPTCHA, the user filling out the form will have to enter the letters or numbers from the distorted image in order to be able to submit the form.
Although the technology is a good idea, Websense noted that Google?s Gmail CAPTCHA was busted last week. A few weeks before that incident, Microsoft Windows Live Mail?s CAPTCHA defense was the target of spam bots.
So, if the technology is being broken by automated intruders, it seems as though it may only hamper the efficiency of real live humans.
“CAPTCHA?s were a good idea, but frankly, in today?s profit-motivated attack environment they have largely become irrelevant as a protection technology. Yes, the CAPTCHA?s can be made stronger, but they are already too advanced for a large percentage of Internet users.”
- If the CAPTCHA security abilities can be broken, what can it be replaced with?
- Do we need an updated CAPTCHA system based on newer web standards?
- Is the minor defense that CAPTCHAs provide better than nothing?
- If CAPTCHA is not the answer, what can be done?to prevent automated attacks?