Recent files
Better Robot Stopper
NickR
YACS team (UK)
YACS team (UK)
The current robot stopper is quite weak... the value required is stored as an MD5 in a hidden field and anyone wanting to automate form submission (which the robot stopper should do) they could easily write a script to do this.
To improve this there are a few options:
1. Keep the md5 value in user session, rather than hidden field.
2. Improve the question.
My suggestion is randomly generate of grid of 5x10 digits (store the values in session as an array) and ask the user to pick 3 randomly chosen values. This is something we do at work with security cards for our website and works well.
3. Use a recaptcha.
To improve this there are a few options:
1. Keep the md5 value in user session, rather than hidden field.
2. Improve the question.
My suggestion is randomly generate of grid of 5x10 digits (store the values in session as an array) and ask the user to pick 3 randomly chosen values. This is something we do at work with security cards for our website and works well.
3. Use a recaptcha.
Add a commentRate this page
Posted by NickR on Mar. 27, (popular)
