Accessible captchas

Friday, 13 April 2007

To create an accessible captcha is not easy task because the very nature of the test creates accessibility problems because it is difficult to tell machines and humans apart. I like difficult problems that people have a hard time in figuring out the right solution 🙂 Usually what I tend to do when coding for something like this is to think of a extremely simple concept and keep the code as simple as possible yet offer enough security for it to work correctly.

The Heyes method

My sample code creates a grid of 3 items with 3 checkboxes per item; this can obviously be increased in the code. The idea being is that the “Heyes captcha” tells you which items to select. If you select the correct items then you passed as a human otherwise it is assumed you are a robot. Now the Heyes captcha is recreated every time an invalid request is sent so therefore providing enough security against a brute force attack.

Update

  1. Added some new security features which prevent attacks described by Trev and kuza55. Unfortunately the captcha becomes slightly less accessible because of these new features.
  2. 20-04-2007 – Added two classes which extends the base class, one randomiser class which places the checkboxes in a random order and then uses absolute positioning to position the checkboxes. The other class will be a fully accessible one which will use random sentences (Still under development)

Heyes Captcha 1.4

Big thanks

Ronald – Jungsonn Studios
kuza55 – sla.ckers forum
trev – sla.ckers forum
Jeremiah Grossman

The entry 'Accessible captchas' was posted on April 13th, 2007 at 11:30 am and last modified on April 20th, 2007 at 8:21 am, and is filed under accessibility, php. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed :( too much spam. If you want to contact me about any article please email or tweet me.

«
»