strategy to defeat CAPTCHA bypass

 

I have read the posts and the links about how to decode captcha. What I have not seen are strategies to make it more difficult to do this. In particular strategies that are not really complex.

Also, does anyone have any strategies to try to detect if people are bypassing captcha? I am developing browser based game and I need to use something to prevent people from using simple bots to play all day long. There are actually companies out that that sell specialized bots for games.

such as this guy: http://jrimsoftware.com/

Here are some ideas that I have had:

  • Store a timestamp for when a captcha is presented
  • Store a timestamp for when the captcha is answered.
  • Record this by user for each time they get a captcha.
  • Use sql to determine the avg, mean, and standard deviation for how long it takes people to answer theses I am willing to guess that the average time to answer a captcha by a bot will be lower than the overall average and in particular the standard deviation will be smaller.

    • I know people can code random functions around this, but if I keep it quiet they may not know what I did. Plus banning people may scare many others from trying to bypass captcha.

    Preventing Captcha bypass:

  • use multiple types of captchas (start with 1, then add more)
  • change button names presented on the screen. Keep the old button as well. If an older button is used repeatedly, this should give strong evidence for a bot.
  • mix in questions that you have to google. This is a bit time consuming to get. but I may be able to find a list, then load them in the database. use these inter mixed with captcha.
  • some questions can include translating a word to a different language (such as using google translate) to increase my list.

    • any other suggestions?

    It is much simpler than all that. Just stay on top of which CAPTCHAs have been defeated and switch your methods when your current one breaks. It is easy to see which CAPTCHAs are easier and which are tougher.

    Here are some good ones

    I've had great success with reCAPTCHA

    CAPTCHAs are like the lock on your front door; they're not intended to prevent thieves from breaking in. They're intended to make it hard enough for him that it's not efficient to do. He'll quit and go next door instead. (Sorry, neighbor.)

    With all due respect, I think you're overthinking this.

    链接地址: http://www.djcxy.com/p/21626.html

    上一篇: ReCaptcha太弱了吗?

    下一篇: 打败CAPTCHA搭桥的策略