Solved

How important is a captcha?

Posted on 2010-08-18
9
556 Views
Last Modified: 2013-11-16
There are some cionflicting views on whether it is worth including a captcha.
What do the experts think?
0
Comment
Question by:digisel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 2

Assisted Solution

by:jayaram13
jayaram13 earned 50 total points
ID: 33463485
A well written CAPTCHA is incredibly important for several scenarios:

1.  Prevent automated brute force attempt to crack login id/password combinations.
2.  Prevent comments sections in forums from being filled up with spam.
3.  Prevent automated anonymous posters from posting in anonymous forums.
...
0
 

Author Comment

by:digisel
ID: 33463697
thanks.
there is a growing trend it seems to put a captcha on a Contact Us page.
I am considering doing the same.  But in this context it seems to be overkill.
Comments please
0
 
LVL 6

Expert Comment

by:syedyounus
ID: 33464090
The purpose of captcha is to block auto-fill programs which can be anything like contact us forms or any other forms in general.

check the below link for further details.

http://en.wikipedia.org/wiki/Captcha 
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:digisel
ID: 33464223
thanks.   i was aware of that.
I am still not convinced that this is not overkill for  a smallish private site where there is very little contact anwya with users.
If I dont have it is there danger that I might just get spam comments.  If these do not give a return mail address then they identify themselves as spam anyway.
Or am I missing a poinjt??
0
 
LVL 12

Accepted Solution

by:
sarangk_14 earned 150 total points
ID: 33464481
Another possibility that you need to take into consideration, if you are not going to use captcha, you need to have a strong validation performed on the content provided by the visitor on the contact us page. E.g. Disabling HTML code, Scripts, etc.

This is to prevent XSS/ CSS (Cross-site Scripting) attacks, which to the best of my knowledge, can be automated to a fair extent, i.e. no human intervention required.

Captchas help in this regard, by not allowing the "bots" to send these scripts to you.

Hope this helps. Request opinions by other experts.

Warm regards,

Sarang
0
 
LVL 6

Assisted Solution

by:syedyounus
syedyounus earned 150 total points
ID: 33465014
It all depends on the age of the website & the number of using visiting daily.
If your website does not have that many users you can ignore the captcha or you can use recaptcha which is very much easier to integrate you can find it at http://recaptcha.net/

or you could try

http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/A_2126-KAFKA-A-Simple-CAPTCHA-Implementation.html
0
 
LVL 25

Expert Comment

by:madunix
ID: 33470174
0
 
LVL 9

Assisted Solution

by:Snarfles
Snarfles earned 150 total points
ID: 33495708
You're debating whether it is worth it for a particular site which you say is smallish and has limited emails sent through the contact form. If this is the case and you aren't getting any spam then there is no need to bother.... yet. If it comes to a point where you are getting spam then sure, whack one in, but if it is as you describe then why waste your time right now (unless its a learning thing...).
0
 

Author Closing Comment

by:digisel
ID: 33495766
thanks for your time and input
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
The advancement in technology has been a great source of betterment and empowerment for the human race, Nevertheless, this is not to say that technology doesn’t have any problems. We are bombarded with constant distractions, whether as an overload o…
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question