Medusa

Understanding Captcha Security Method

The World Wide Web isn’t the safest place and many people are planning to do harmful things to us. There are different forms of online threats. People may want to compromise and degrade our security system. Web developers can fight back by incorporating various security features in their websites, such as encryption, input validation checks and a myriad of secure coding methods. Attackers are using increasingly sophisticated methods to attack our website. They have plenty of tools and skills to wreak havoc on our meticulously designed website. An attacker could launch a digital assault to our website, generating many false inquiries to the server. In an instant, our website will be almost useless.

Our website should be protected from these attacks and there are sophisticated spambots that try to create fake accounts or perform repeated searches with our internal search bar. They are able to fill registration forms, take part in our online surveys and do many things that we expect from real visitors. Without proper protection from these bots, website owners will have unpleasant experience of seeing the website being attacked from all sides. In this situation, we need a method that allows our website recognize real human users and spambots. We need to differentiate malicious codes from real human.

The famous computer scientist, Alan Turing, created a method to differentiate between human and computer in 1950. He put computer in one room and real human user in another. Both are asked with the same question and he tried to determine which one is human and machine based on the conversation. Many computer scientists further improved his work and many new methods are devices, including CAPTCHA or called “Completely Automated Public Turing Tests to Tell Computers and Humans Apart”. Two researchers from Yahoo presented a paper on this method and they proposed the use of distorted images and words that can be perceptively recognized by human.

Later researchers added new details to the Captcha method, such as the HIP design guidelines. It is assured that HIP puzzle is quite easy to recognize and secure. Good puzzle is defined as the key success in using Captcha. A lot of text and numbers styles displayed by Captcha boxes. There are different Captcha products in the market, both free and commercial. Regardless of the type of Captcha platform we use, it should contain plenty of great features. We should multiple algorithms used by the platform and there should be an audio support for people who can’t recognize things well.

There should also be a reload button to renew the images displayed on the box. Web developers need to determine the image size of the Captcha box to fit their design layout. Captcha may use different image formats, such as BMP, PNG, GIF and JPG. Developers should be able to determine the length of the code, as well as the composition of alphanumeric combination. When users mistakenly type a Captcha code, only the Captcha box is reloaded, to prevent users from retyping all the fields in the page.