My site uses an in-house captcha based on PyCaptcha. We've noticed a
couple of occurrences that make us wonder if some users have broken
it. So, before we spend time to make it stronger, we're thinking
about moving to reCAPTCHA.
I've got two question that I'm hoping the reCAPTCHA powers-that-be
might answer. I assume some others have had these same questions on
occasion...
a) How strong is reCAPTCHA? I've read some informal comments (e.g.,
in
http://tinyurl.com/25letw) about how you intend to keep it strong.
But can you quantify its strength compared to other captchas, today?
For example,
http://www.codinghorror.com/blog/archives/001001.html
lists some captchas in order of what one Chinese hacker says is their
cracking ease. (Visit the Chinese site, and you'll see a captcha list
ranked in order of cracking difficulty.) Where would reCAPTCHA rank
in this list?
What about other efforts, like
http://www.captchakiller.com/?
b) Can you me some idea of what your availability will be over the
next two years? I don't mean predicting outages, but rather what
you're funded for. Is there a guesstimate as to when you might run
out of OCR'd phrases? Or, if you've got funding for four servers for
the next four years, that's a bit different than if you're running out
of money at the end of March...
I think your intent with this is simply _great_. But the devil is
sometimes in the details, and I'm just trying to decide whether to
base our site on it.
Thanks,
John