My friend Prashant recently did a post on CAPTCHA. A CAPTCHA is basically the opposite of a Turing test which a computer can pass if it is sophisticated enough to have a conversation with a human being without the person unable to detect that it is a machine. The CAPTCHA is used to differentiate a human action from a computer-generated one. One of the most common use is to stop automatic submission of web forms by spammers.
In recent times, I started getting a lot of spam from two forms in my website – a guestbook form and an email form. Neither form directly affected the content of my website since both forms sent an email to my account. But the spam was becoming a nuisance as I was getting around 20-30 spam emails per day.
After reading Prashant’s article, I was motivated enough to implement a CAPTCHA on the forms. Typical CAPTCHA implementations use a distorted image that an image processing algorithm cannot decipher, but humans can easily recognize. Coding for such an implementation is algorithmic-intensive and take a lot of time and knowledge.
Then I remembered seeing a different implementation on someone’s website where he had asked the person to put in the answer for a simple addition problem. So I added a new field on my form, asking the user to put in the answer to questions like “what is 2 PLUS 1?” If the user got the answer right, the form would be submitted.
As soon as I put the new forms up, all the spam stopped. I have not got a single spammed email. What worried me, though, was if it would cause problems for legitimate users. Happily, that doesn’t seem to have happened as I have received a few submissions from my friends from the form.