Re: An unobtrusive partial alternative to CAPCHA

"Ben Bacarisse" <ben.usenet (AT) bsb (DOT) me.uk> wrote

Quote:

A while back I suggested a method of using timestamps to filter out at
least some automatic form postings. Now that I have tried it for
about 10 months, I thought it might useful to report back.

Briefly, the current time is encoded in a hidden form field when the
page containing it is served. The script that processes the form
checks the (new) current time against that in the form and rejects the
submission if it is either too fast or too slow. Unless the user
is super fast they see no effect at all. There are no accessibility
issues unless one sets the maximum permitted time too low. I currently
allow submissions from 5 seconds up to an hour after the form was
sent. Results suggest that this upper limit can safely be increased.
snip

Fascinating Ben. This is an area where I have an active interest, so I may
borrow your idea (no need for code, but the concept is priceless.) I know
its not a complete answer to spam, but it all helps.

One thing I would say is that I wouldn't advertise the idea. Once spammers
catch on to it it shouldn't take them much effort to get round it. That
said, most spammers seem to be absolute idiots so the idea may be sound for
many years to come.
--
Brian Cryer
www.cryer.co.uk/brian