CAPTCHA alternatives

If your web forms are getting spammed, and CAPTCHA isn’t a good solution, here are some possible alternatives.

• http://isc.sans.org/diary.html?storyid=1836
• http://softwareas.com/captcha-alternatives-and-end-user-attitudes
• I’ve taken to renaming our feedback pages, and then using robots.txt to prevent search engines from indexing their new names.

• Related Link: http://kb.ucla.edu/articles/what-is-captcha

The Akismet service has a good reputation, and is widely used by Wordpress amongst others. It could be another layer of protection against spam.

• http://akismet.com/ (official site)
• http://codex.wordpress.org/Akismet (an example of it in a blogcentric CMS)

Jared Smith of WebAIM has compiled a series of server-side processing techniques that get rid of spam without the use of
CAPTCHA. Scripts are provided in PHP.

Spam-Free Accessible Forms

The scripts include:

•

• Detect spam-like content within submitted form elements
  •
• Detect content within a hidden form element
  •
• Validate the submitted form values
  •
• Search for the same content in multiple form elements
  •
• Generate dynamic content to ensure the form is submitted within a
  specific time window or by the same user
  •
• Create a multi-stage form or form verification page
  •
• Ensure the form is posted from your server