Best practices for CAPTCHA design?
48 views
Skip to first unread message
Sulabh Bista
May 31, 2008, 3:23:08 PM5/31/08
to libn...@googlegroups.com
Dear all:
I am working on an authentication system that will utilize CAPTCHA to prevent brute force attack. Instead of using CAPTCHA solutions from the web, i am trying to develop my own implementation. I am using the PHP GD library. I am done with the session management thing. Has anyone already worked on this project and can offer me some help? I would also want to know about the basics of computer vision and how some bots are able to crack CAPTCHAs.
Regards,
Sulabh Bista
I am working on an authentication system that will utilize CAPTCHA to prevent brute force attack. Instead of using CAPTCHA solutions from the web, i am trying to develop my own implementation. I am using the PHP GD library. I am done with the session management thing. Has anyone already worked on this project and can offer me some help? I would also want to know about the basics of computer vision and how some bots are able to crack CAPTCHAs.
Regards,
Sulabh Bista
nepbabu
Jun 9, 2008, 12:41:33 AM6/9/08
to libn...@googlegroups.com
On Sunday, 1 June 2008 at 1:08:08 +0545, Sulabh Bista wrote:
> Dear all:
>
> I am working on an authentication system that will utilize CAPTCHA to
> prevent brute force attack. Instead of using CAPTCHA solutions from the web,
> i am trying to develop my own implementation. I am using the PHP GD library.
> I am done with the session management thing. Has anyone already worked on
> this project and can offer me some help? I would also want to know about the
> basics of computer vision and how *some *bots are able to crack CAPTCHAs.> Dear all:
>
> I am working on an authentication system that will utilize CAPTCHA to
> prevent brute force attack. Instead of using CAPTCHA solutions from the web,
> i am trying to develop my own implementation. I am using the PHP GD library.
> I am done with the session management thing. Has anyone already worked on
> this project and can offer me some help? I would also want to know about the
Below is more of "how to get there" sort of answer so if you've already got answer for it, ditch it or else read on.
I suppose the best way to get answer is to ask in their respective ML / Newsgroup etc. IRC is also a good option. One way -> Sit simultaneously on say #security and #php, then try to ask people questions relating to how an attacker might circumvent the captcha using automated bots etc. Try to ask questions as much as you can and learn how things are done and as freenode is pretty cool about all this. You should get upto speed with how to prevent it.
Sorry, can't be of much help. Also, try Googling and ask our friends @ nepsecure GG.
cheers
Sulabh Bista
Jun 9, 2008, 7:32:23 AM6/9/08
to libn...@googlegroups.com
Thanks for the how-to Nepbabu :)
Regards,
Sulabh Bista
Regards,
Sulabh Bista
Reply all
Reply to author
Forward
0 new messages