Hallo I want to protect my site with Cpathca "ensure that the response is not generated by a computer". Ho secure is this? Do you know some human or software, that can crack it?
It would be a pretty complex piece of software to crack a good Captcha code. You're probably safe to use it unless you are worried about some serious hackers trying to automate stuff on your site.
The new versions of captcha are safer than the old ones.. (seen older versions that stored the answer in a cookie which is a bit stupid) A friend of mine made a captcha-bypass a while back, but it´s not updated so I'm not sure if it could bypass the new ones.
programmers still have tools out there to let their software connect to a 3rd party that decrypts the captcha.
Captchas provide a (very) weak layer of security. If it's possible for a human of average intelligence to solve it - then not only can a computer currently do it faster and more accurately - but humans can do it. What I mean is that there are many services offering real-time captcha solving by armies of people working from home. However if you're going to use one, ReCaptcha will stop the majority of fluff getting through. <edit>BTW - ReCaptcha was cracked a long time ago.</edit>
How do you exactly "crack" a captcha generator? I see no other way but with some OCR program, since "good" captcha generators won't store any captcha information on your PC and rely only on PHP's session cookie that's IP aware (very important, otherwise if you "clone" that cookie onto 1000 different PC's, it takes only 1 captcha solving for 1000 actions, ie. comment posting).
chances of recaptcha being cracked easily are little less coz the captcha comes through api from thier own site..
You should be a safe with a captcha, these people are just paranoid. Big sites like google, ticketmaster and facebook wouldn't use them if they weren't effective. Check out reCAPTCHA, its free and the most effective that I know of.
It's not really too complex to crack CAPTCHA's, but most people will be hitting your site in an automated process, so a high strength generic captcha (like reCAPTCHA) will do the trick.