Wednesday, November 21, 2007

CAPTCHA - Word verification

CAPTCHA is a type of challenge-response test used in computing to determine whether the user is human. "CAPTCHA" is a contrived acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart".

The following is a CAPTCHA.




There are two good articles about CAPTCHA on codinghorror.

http://www.codinghorror.com/blog/archives/000712.html

http://www.codinghorror.com/blog/archives/001001.html


The purpose of CAPTCHA is to make sure that, a human can do it very fast, but an automated script/program cannot do that.

If you take a normal programmer, who does not spend money on buying very expensive softwares, then breaking even the following code is also non-trivial, but it is very easily readable by humans.



If you have so much money (more than $6000), then you can break even the following code with 50% chance.



For this purpose, yahoo, gmail, and Hotmail came up with even more difficult CAPTCHAs. Sometimes, these are difficult even for humans. If the CAPTCHA is difficult for human, then the basic purpose is violated (i.e., not allowing a human to visit their website).

I like rapidshare approach very much. When you see the CAPTCHA image that they mention in rapidshare, it is very easy to understand. You don't need to spend any time to read the text in that. And, all the images, and characters in all the images are exactly of same structure and size. So, it tempts so-called programmers to write a script which cracks that. But, writing the program is not as simple as one can think of. Because, they use all the techniques of images while creating an image. There are few places in the image which one thinks as white, but actually it is black, and vice-versa. Because of these things, it would be very difficult to write a program. Even if someone writes, by the time, they finish it, rapidshare will change the image to another format like changing the size, and adding different shades etc. Again you will come back to square one. At the end of the day, you may need $6000 software to crack it. But, their CAPTCHA does not give any problem to the users. Where as other CAPTCHAs gives so many problems to the users.

There is another type of CAPTCHA in some other website.

Add 1 to 2 and type the result in the below text box.

For human, it hardly takes any time to find the result. Where as for computer, it is not trivial. If we make it even more complex, then it becomes even more difficult for computer. For example,

add 1234534512 to 1232429530.2322, and multiply the result with 12143298.4345 and divide it by 983435.234, and ignore this value, and put 4 in the below text box.

Something like above will be very easy for a normal user who can understand english properly, but, cannot be cracked by a computer in the next few years.

This is one area in which google is not meeting my expectations. understanding CAPTCHA of google is taking few seconds. I hope google will make it very easy for humans soon.

1 comment:

  1. CAPTCHA is very good and I would recommed it to everyone who wants to keep their site keep clean.You can stop a lot of spam by using CAPTCHA.

    ReplyDelete