WordPress.org

Ready to get started?Download WordPress

Forums

Which is the best Captcha plugin? (19 posts)

  1. Sootahcris
    Member
    Posted 8 years ago #

    I'd like to install a captcha plugin on my site for the comments before I get nailed by a spammer.

    Which of the options is the best?

  2. charle97
    Member
    Posted 8 years ago #

  3. Mark Jaquith
    WordPress Lead Dev
    Posted 8 years ago #

    Please consider some of the other options (Bad Behavior 2 and Akismet work well together) before using a CAPTCHA. Visually impaired people will not be able to comment, nor will people with images turned off. And all of your commenters will be inconvenienced.

  4. Samuel Wood (Otto)
    Tech Ninja
    Posted 8 years ago #

    Captcha's don't work. This is more or less conclusively proven. Don't bother with them, use other methods that actually do work instead. Akismet, Bad Behavior, Spam Karma, etc...

  5. maerk
    Member
    Posted 8 years ago #

    Yeah, generally captchas are annoying, and they're not bullet-proof.

    In addition to the accessibility issue, it's always best to make it as easy as possible for your users to leave a comment, if a comment form is complicated, I usually don't bother, unless I really want to say something :)

  6. charle97
    Member
    Posted 8 years ago #

    Captcha's don't work. This is more or less conclusively proven.

    google uses a captcha

  7. Samuel Wood (Otto)
    Tech Ninja
    Posted 8 years ago #

    google uses a captcha

    Yes, they do. Your point?

  8. charle97
    Member
    Posted 8 years ago #

    captchas do work.

  9. Samuel Wood (Otto)
    Tech Ninja
    Posted 8 years ago #

    Sorry, but no, they don't.

    Captchas render content inaccessible to blind users or anybody that uses a screen reader system. If you're a US company, this is potentially an ADA violation and could get you sued.

    Most captchas are easily defeated by clever software. I forget the link, but some university students wrote a program that reads captchas and gets it correct something like 80% of the time. If they had their program try a second time (with different generated captchas from the same programs), that increased to 95%. It was on slashdot a year or two ago. Interesting stuff.

    A surprising amount of captcha software is buggy anyway. Either encoding the captcha text in a cookie or in some other easily machine decodable form, or using a hash, which makes the process of machine reading a hell of a lot easier.

    Since captchas are reasonably difficult to code, the majority of them use pre-made packages, so all the software has to do is to determine what package you use and use the correct algorithim to defeat that package.

    One attack used other people to defeat captchas. Essentially, he made human beings type in the text from a captcha to access something, like porn. Only the captcha image was relayed from somebody else's site and the text then would let the software get through that captcha. An interesting attack, I thought. All a spammer would have to do is to send any captchas to some high traffic he ran, like a free porn site.

    And so on. The point is that captchas don't work in the long run. Nor will they ever, because as processor power increases so does the ability for machines to read and defeat them.

    Whereas filtering solutions *do* work, and work quite well.

  10. heyrsmith
    Member
    Posted 8 years ago #

    A captcha will not keep the trackback spam out; You need Akismet and Bad Behavior for that. Once you have those installed, you won't need a captcha.

  11. RobS
    Member
    Posted 8 years ago #

    Maerk wrote:

    "if a comment form is complicated, I usually don't bother, unless I really want to say something :)"

    And this is bad how? Sounds to me like a little inconvenience might go a long way toward self-moderating a web site, keeping the flow of replies limited to people who really want to say something useful. :-)

  12. CAPTCHAs CAN work, but there are much, much better solutions. I mean hell, like 3/4 of them are easily crackable and the rest are just a pain in the ass to read.

    The best two solutions are linked to in the big fat stickied thread at the top of the forum that you should have read before making a new thread. :/

    http://wordpress.org/support/topic/72930

  13. Samuel Wood (Otto)
    Tech Ninja
    Posted 8 years ago #

    And this is bad how?

    Because a lot of people who have useful things to say will simply leave without saying those useful things. Me, for one. I don't do captchas either, regardless of how relevant my comments might (or might not) be to the topic at hand.

    Assuming that people who have time to waste on your captcha are the only ones who have something relevant to say is a poor assumption at best.

  14. CaptainSKA
    Member
    Posted 8 years ago #

    Okay, regardless of whether they work or not, I can't believe some of you are saying you can't be bothered to type in 4-6 more characters... Is it that big of an inconvenience/time waster? Even typing around 40 wpm, means it'll take you 1.5 seconds roughly to type it out...

  15. Samuel Wood (Otto)
    Tech Ninja
    Posted 8 years ago #

    CaptainSKA: That assumes that I can read your captcha, which half the time I can't. Some of them have gotten so illegible that it's difficult for normally sighted people to get them, and frankly they're so frustrating that I won't even bother making the attempt.

    In other words, if I look at your comment box and see a captcha, I leave your site. Right then. It's a deal breaker. I won't leave a comment because I'm not interested in trying to figure out your primitive and arcane technology. I don't care enough about making a comment on your blog to deal with it. Simple. It doesn't even matter that I can read your captcha, the fact that you have one at all simply makes it not worth my time to bother with it.

  16. vavroom
    Member
    Posted 8 years ago #

    I'm right with Otto42 on this one, couldn't have said it better.

  17. jeremy13
    Member
    Posted 7 years ago #

    There was a nice CAPTCHA solution developed by http://www.protectwebform.com
    http://www.protectwebform.com/plugin_wordpress

    They have a beta version, but they already have audio support, reload button for image,
    and a very nice solution called "Smart Captcha". I use it and it works for me fine currently.

    It simply hides any CAPTCHA for all the reliable ip addresses.

    Seems the there is some progress in developing captchas.

  18. maerk
    Member
    Posted 7 years ago #

    I guess it depends on what you're looking for. No anti-spam solution can ever be 100% effective or foolproof. I prefer not to use a captcha because I find them annoying when I encounter them.

    In my opinion, captchas add to the harm caused by spammers since they annoy genuine visitors to your site -- especially those visitors who are the most valuable: regular visitors.

    It seems captchas are getting more sophisticated, but some people have dynamic IPs which will change every time they visit your site.

    I prefer the behind-the-scenes anti-spam measures, they were more sophisticated from the start :)

  19. amcgall
    Member
    Posted 7 years ago #

    My site was plagued by spam comments. I installed Nio's plugin and no more spam. Akismet did nothing to stop the spam.

Topic Closed

This topic has been closed to new replies.

About this Topic