http://captchatrader.com

An old discussion; some already has been incorporated into the captcha module:

Invisible javascript test before captcha fallback - http://drupal.org/node/598330 "to make it even more difficult for generic spambots to simulate a real user, the javascript code could also test that a key has been pressed and that the mouse has been moved and that a delay of a two seconds has passed since page load, and that the page is shown inside a chrome window"

For some users, JavaScript is very difficult, impossible or not used due to privacy concerns, like that with anonymous Tor browser JS is removed.

What additional JavaScript and non-JavaScript measures could be taken to make this captcha modules even better?

Like astronomous more complexity that almost always really new captchas are asked, instead of ones that have been asked before (& so can be in the automatic resolver database)?

Comments

ClearXS’s picture

Also; combining several complexity factors, is like multiplying their sole complexity into astronomous possibilities.

What (every time randomly applied) factors?

* amount of digits;
* amount of possible text combinations;
* amount of possible ways to 'misform'
* amount of ways to respond (clicking, enter, other button or button combination)
* ...?
* etectera.

soxofaan’s picture

Title: More security/complexity? captchatrader.com USD 1.00 buys 1000 solved CAPTCHAS » More complexity factors in the challenges?

Hi ClearXS,

what are you requesting precisely?
You seem to be interested in Javascript based CAPTCHA's, but then discard it because of various reasons.

... instead of ones that have been asked before

The CAPTCHA's are always randomly generated on every request, there is no pregenerated list of challenges.
E.g. with the standard image CAPTCHA, the letter code is random, the distortion is random, the noise is random, admins can select multiple fonts to be (randomly) used in the challenge, ...
So the number of different challenges is already "astronomous" if you want to put it that way.

I'm not sure I understand your request correctly.

PS: I removed that website from the title, because we don't want to help them with their SEO :)

wundo’s picture

Issue summary: View changes
Status: Active » Closed (outdated)
ddarras2012’s picture

Looks like a promising addition to harden forms in addition to CAPTCHA: https://www.drupal.org/project/antibot You can configure it at: /admin/config/user-interface/antibot

This too: https://www.drupal.org/project/recaptcha_v3