I'm implementing a website with a CAPTCHA on the registration form; my first. I've read dozens of posts on the arguments for and against, and of all the various implementations out there. I'm happy with all that but it's a necessary evil in my case.
What I don't understand is why people post the random captcha characters in their posts, all over the web? Here's an example from today on TDWTF. In 95 comments, 5 people have appended strings like this to the end of their posts:
Captcha: nimis.
Captcha: augue.
Captcha: distineo.
Is this a security risk? Are they publishing the captcha strings so that they can be harvested and used in an attack? Or are they just trying to track themselves by embedding a random word for a subsequent Google search?
Should I be worried?