I had designed my own system a while ago, but it's not fool-proof... So I'm trying to find a new way to make sure no automated scripts are accessing some pages... Anyways, if you don't mind sharing, what CAPTCHA system do you use?
I use a custom coded one. What is the issue with yours that makes you worry it isnt secure enough? Maybe some of the people around here can offer a few tips on imporving it
I use reCaptca (http://recaptcha.net/), this service is deserving a good cause of scanning existing books.... works under many languages.... simple to use!
for my forum im using the default one which comes with it , but i think recaptcha is just a brilliant idea !
Here's my animated gif captcha. I've had success with it on phpbb forums, scriptsmill comments & standard contact forms. OOP ready (thanks krakjoe) and works right out of the box. The idea behind it is that bots can break down most single framed captchas (gif or jpg) just by patching together pixels and reading numbers/letters from it. An animated gif is a series of pictures which is pieced together to make a math equation (4 + 2 = ?). Each time the script is run it pulls a random number of frames and a random time each frame is displayed just to keep crackers guessing. Hope this helps someone. edit: It's also very easy on the eyes so those people who say the captcha is too hard to read won't have that problem here. see it live....
I use my own too... it was too weak at the begening but I learn very interesting things while improving it !
I tried using the recaptcha one but I'm not having any luck - can someone please help? Here's the code on my page <? // Please don't modify or delete the copyright notice. Doing that is a violation of GPL. print<<<EOF <style type="text/css"> div#usernotes { font-family: Arial, sans-serif; font-size: 14px; color: #000000; line-height: 20px; padding: 14px; } div#usernotes div.head, div#usernotes div.foot { ffont-family: Arial, sans-serif; font-size: 14px; color: #000000; line-height: 20px; padding: 14px; } div#usernotes div.foot { font-family: Arial, sans-serif; font-size: 14px; color: #000000; line-height: 20px; padding: 14px; } div#usernotes div.foot a, div#usernotes div.head a { font-family: Arial, sans-serif; font-size: 14px; color: #000000; line-height: 20px; padding: 14px; } div#usernotes span.action { font-family: Arial, sans-serif; font-size: 14px; color: #000000; line-height: 20px; padding: 14px; float: right; } div#usernotes div.note { font-family: Arial, sans-serif; font-size: 14px; color: #000000; line-height: 20px; margin-left: 2em; margin-right: 2em; border-bottom:1px dashed; padding: 12px; } div#usernotes div.text { font-family: Arial, sans-serif; font-size: 14px; color: #000000; line-height: 20px; padding: 2px; margin-top: 8px; } </style> <div id="usernotes"> <div class="head"> <H3>{$COM_LANG['header']}</H3> </div> EOF; if ($comments_count) { for($i=0; $i<$comments_count; $i++) { if ($dont_show_email[$i] != '1' && $email != '') { $author[$i] = "<a href=\"mailto:{$email[$i]}\">{$author[$i]}</a>"; } $text[$i] = str_replace(chr(13), '<br />', $text[$i]); print<<<EOF <div class="note"> <strong>{$author[$i]}</strong><br /> <small>{$time[$i]}</small> <div class="text"> {$text[$i]} </div> </div> EOF; } } else { print<<<EOF <div class="note"> <div class="text"> {$COM_LANG['no_comments_yet']} </div> </div> EOF; } print<<<EOF <div class="foot"> <form method=POST action='{$COM_CONF['script_url']}'> <input type=hidden name="action" value="add"> <input type=hidden name="href" value="{$_SERVER['REQUEST_URI']}"> <table width="290" border="0" cellspacing="1" cellpadding="2" align="left"> <tr> <td width="83" align="right"><font color="red">*</font>{$COM_LANG['Name']}: </td> <td width="196" align="left"> <input type=text name="disc_name" maxlength=40 size=30> <input type=hidden name="r_disc_name" value="{$COM_LANG['r_disc_name']}"> </td> </tr> <tr> <td width="83" align="right">{$COM_LANG['E-mail']}:</font></td> <td width="196" align="left"> <input type="Text" name="disc_email" size="30" maxlength="70"> </td> </tr> <tr> <td width="83"></td> <td width="196" align="left"> <input type="checkbox" name="email_me"><font size=2><nobr>{$COM_LANG['Notify']}</nobr></font><br> <input type="checkbox" name="dont_show_email" CHECKED><font size=2><nobr>{$COM_LANG['Dont_show_email']}</nobr></font><br> </td> </tr> <tr> <td valign="top" width="83" align="right"> <font color="red">*</font>{$COM_LANG['Text']}: </td> <td valign="top" width="196" align="left"> <textarea name="disc_body" cols="60" rows="6" wrap="VIRTUAL"></textarea> <input type=hidden name="r_disc_body" value="{$COM_LANG['r_disc_text']}"> </td> </tr> <tr> <td valign="top" width="83" align="right"> </td> <td valign="top" width="196"> <?php require_once('recaptchalib.php'); $publickey = "6LcO3cwSAAAAALngs6SiNM4o0ya656Uvy3zg89XG"; // you got this from the signup page echo recaptcha_get_html($6LcO3cwSAAAAALngs6SiNM4o0ya656Uvy3zg89XG); ?> </td> </tr> <tr> <td valign="top" width="83" align="right"> </td> <td valign="top" width="196"> <div align="center"> <input type="submit" name="Submit" value="{$COM_LANG['Submit']}"> </div> </td> </tr> </table> </form> </div> </div> EOF; ?>
Then give up now. Bots have been breaking captcha for years. They now have it down to well under a second. My little company stopped using captcha years ago cause we found it virtually useless. I don't know any devs that use captcha anymore.