Dear all, I had a thought the other, we all know the implications of Image Captcha especially with accessibility and it's annoyances for those with visual impairments (color blind, dyslexic). This has probably already been done but the other night I had an alternative Captcha idea. Basically we all know 99% of form spam comes from BOTS, the bot fills out all fields and submits the form automatically. My idea is simply place an input field on your form with an obvious title e.g. 'Name'. Add a class or id to the input field and in your CSS style sheet set it to 'display:none' so it is hidden from the human user. In your PHP/Aspx whatever when he form is submitted check to see if the 'Name' field has been completed...if it has then it's spam as a human user wouldn't have been able to complete that field because it's hidden, where as the bot would have completed it. Simple alternative to image captcha.
Interesting idea... Could work for small sites. Obviously big sites would have to stick to captchas though as bots are often made specially for them (myspace etc).
There are many threads on how to help prevent bots other than the lovely Captcha routes. As said, the two issues are that some bots can interprit CSS and secondly that some bots are written specifically for a site or site script (eg vBulletin) and therefore they wouldnt include your hidden name field for inclusion. It may well work as a low level protection for custom sites but personally prefer things such as minimum time responses etc.
If you search you will find threads where it is discussed in detail but in principle you set a minimum response time from the page being served to the response being received based on the amount of data entry that someone is going to have to add. If you have 40 multiline fields on a form a user will take a while to complete it even if they are copying and pasting and so set a 30 second minium response and if it is quicker than that then treat it as a bot which can respond almost instantaniously.