• I Am Not a Human

last modified June 11 by strypey


I have yet to find any pre-assembled free code implementations, but my favourite suggestions so far for replacing reCaptcha is the honeypot technique. The concept is that webmasters add fields to their forms that are invisible to human users, but visible to bots. When bots fill in these invisible fields, they reveal that they're not human, and the forms can be safely discarded.

I like this because of the way it shifts the burden of proof. Instead of requiring users to perform annoying extra tasks to prove they are human, they are presumed to be human, unless they reveal themselves to be bots. Also, 'are you a human' captchas, are known to make it difficult (if not impossible) for some special needs users to access websites, so this is another good reason to find a replacement for them.

More details on the problem statement and solution proposal here:

http://ezinearticles.com/?Captchas-Considered-Harmful---Why-Captchas-Are-Bad-And-How-You-Can-Do-Better&id=1104207

... and some discussion of implementation:

https://www.thryv.com/blog/honeypot-technique/

https://nedbatchelder.com/text/stopbots.html

Human "mechanical turks" can be employed at exploitative piecework rates to fill in captchas for commercial spammers:

http://www.beatcaptchas.com/prices.html

General resources on reCaptcha replacement options:

http://www.karlgroves.com/2012/04/03/captcha-less-security/

https://www.w3.org/WAI/GL/wiki/Captcha_Alternatives_and_thoughts

"SecurImage or phpcaptcha is open source alternative to Google reCaptcha".

SO: Stop spam without captcha

SO: Practical non-image based CAPTCHA approaches?

SO: When the bots attack!