views:

712

answers:

7

What is the best unobtrusive CAPTCHA for web forms? One that does not involve a UI, rather a non-UI Turing test. I have seen a simple example of a non UI CAPTCHA like the Nobot control from Microsoft. I am looking for a CAPTCHA that does not ask the user any question in any form. No riddles, no what's in this image.

A: 

How can anything on a website not have a UI? Could you maybe be more specific about what you mean by this? I think by definition a Turing test needs a UI -- it has to interact with a user. Did you mean a GUI? Does that mean a non-image based Captcha?

Edited to add: Thanks for the clarification.

lbrandy
+4  A: 

I think you might be alluding to an "invisible" captcha. Check out the Subkismet project for an invisible captcha implementation.

http://www.codeplex.com/subkismet

sestocker
+2  A: 

Try akismet from wp guys

Thej
+1  A: 

I think asking the user simple questions like:

"How many legs does a dog have?"

Would be much more effective that any CAPTCHA systems out there at the moment. Not only is it very difficult for the computer to answer that question, but it is very easy for a human to answer!

GateKiller
Not when the user doesn't speak whatever language your page is in.
Longpoke
Very good point. Hopefully a fully multilingual website would be able to get around that. I suppose you could use a maths question like "5+7=" which would get around the language barrier, at least for western countries.
GateKiller
+2  A: 

Eric Meyer implemented a very similar thing as a WordPress plugin called WP-GateKeeper that asks human-readable questions like "What colour is an orange?". He did have some issues around asking questions that a non-native English speaker would be able to answer simply, though.

There are a few posts on his blog about it.

ZombieSheep
+1  A: 

@KP

After your update to the original question, the only real option available to you is to do some jiggery-pokery in Javascript on the client. The only issue with that would be provicing graceful degredation for non-javascript enabled clients.

e.g. You could add some AJAX-y goodness that reads a hidden form filed value, requests a verification key from the server, and sends that back along with the response, but that will never be populated if javascript is blocked/disabled. You could always implement a more traditional captcha type interface which could be disabled by javascript, and ignored by the server if the scripted field if filled in...

Depends how far you want to go with it, though. Good luck

ZombieSheep
There are browsers that don't have JS? In 2010????
Longpoke
I meant clients that have had javascript disabled by the user, and there are plenty of those around.
ZombieSheep