CAPTCHA 2.0 - work on bugs

    Once again, I welcome all the habra

    My previous work had a number of flaws. I am glad that there were people who sensibly criticized her, and was ready to improve. Fair.

    Disclaimer


    As we all remember, captcha should not appear on every link. Captcha should make life difficult for bots, but not for people . But in some form it should be in those places where bots can use the site for their own selfish purposes (flood, etc).

    A couple of pictures of version 2.0 (for the development of interest), and welcome to habrakat.


    Global change


    As you can see, a lot has been changed. Firstly, the background now has not a uniform, but a complex structure. For example, multi-colored waves that mix using transparency. Secondly, the text output function has been changed - now each individual character is displayed in different fonts and sizes, and not as before - all text. And thirdly, the text is displayed in transparent colors on a complex background. The experiment showed that on any shades of the background (both light and dark) captcha is equally readable for the user and equally difficult for bots to recognize.

    Code


    I will not post the “sheets” of the code here, but rather I will devote the article to analyzing your criticism of the previous work. And you can see the code itself on pastebin . It is not optimal, in some places it can clearly be improved, but he does his work and does well.

    "Debriefing"


    zlobin wrote : The main thing is for the captcha to be read by people, otherwise it happens that it is impossible to read it. We have to close the site and leave it.
    It is a fact. As I said in the disclaimer, we work with people . And captcha is done primarily not against them, but for them. So that there is no spam, flooding, etc. If the user is obliged to enter it with every move, he, of course, will leave the site faster than he came. But if you install captcha only where it is absolutely necessary - for example, in filtering messages too often, or during registration - even if the captcha fails to be entered for the first time, the server will immediately issue a second one. It takes a few seconds to enter it, and if the user really needs to register or send something, he will enter it.

    northicewind wrote : In most cases, “playing with flowers” ​​creates more interference for users than bots. Since the latter often before parsing bring the picture to monochrome
    As practice with this captcha has shown, bringing it to monochrome does not at all simplify its recognition. Transparency and random colors do their job - recognizing something is now more difficult. And if you play around with transparency values, offsets, and so on - you can reduce the number of potentially recognizable captcha to an absolute minimum, without reducing its readability by the user.

    Voenniy wrote : What is the point of these complications of captcha, if there is antigate.com, where you will solve all these pictures for a penny.
    I have known about this service for a long time, and I have to deal with it from the other side - from the side of the script that gives the picture. All kinds of filtering, etc. It’s clear that you won’t filter everything - those who really need it will enter captcha at least manually. But the main stream of “kulhackers” can be eliminated.

    om2804 wrote a good comment , which indicated a lot of minuses. I will not quote, because the whole article, in fact, is the answer, and quoting without an answer is not the case. I say special thanks to him.

    Well, I'm waiting for new criticism.

    UPD: Many, perhaps, perceive the code from this article as a guide to action, as a ready-made example. Let me disappoint you, it is not. There are many flaws. For example, replacing PNG with JPEG, turning on Progressive mode and setting the quality to 85%, I reduced the “weight” of the image by an average of 5-6 times. And after playing a little with the values, I achieved these results. There is no limit to perfection, but everyone should strive for it. And I'm not alone;)

    Also popular now: