I run several websites, a few of which have user-generated content and have to deal with spam. Because of this, I’ve occasionally had to use CAPTCHAs. If you don’t know what they are, they’re the little images with letters/numbers in them that you need to reproduce to prove you aren’t a bot. They’re generally thought to be effective, but can be annoying to end users. The acronym stands for: Completely Automated Public Turing test to tell Computers and Humans Apart (awesome name, especially the reference to the Turing test).
CAPTCHAs are effective. There are rumors out that they’re now easily broken by spammers, but this isn’t really true. While very dedicated spammers can break simple CAPTCHAs, anything where letters connect or are connected with a shape/line should be plenty to foil 99% of spam/bot efforts. It isn’t the fact that CAPTCHAs are perfect (they aren’t), but that they are good enough to eliminate the vast majority of bots.
They can be very annoying, however. The most extreme example I can think of is Rapidshare’s new system, which I generally have to try at least twice before getting right. This seriously pisses me off, and I’m not the only one.
That’s an extreme example, of course, and it’s also overkill.
This sort of thing is all most sites need:
It’s simple and effective. It’s breakable, under extreme conditions, but it’s a good compromise between the blocking of spammers and the annoyance of users.
