reCAPTCHA on CnV

by Suw on November 11, 2008

I’ve just installed reCAPTCHA and disabled comment approval on CnV to see firstly if this is a more effective way to ensure that spam comments don’t get through to the site, and also to see what you think of reCAPTCHA.

I’m really interested to know your opinions.

  • Have you not commented here before, because of my insistence on registration?
  • Do you prefer reCAPTCHA to registration?
  • Do you dislike reCAPTCHA? Why?
  • Do you think that reCAPTCHA is flawed? How?

I do have Akismet enabled and it’s relatively effective, although not perfect, but I’d like to stop the spam hitting the database at all, rather than have to clean it up afterwards.

So far, reactions to reCAPTCHA on Twitter have been mixed, but with many people more anti-reCAPTCHA than I would have expected. Several people have said that reCAPTCHA is an additional burden and that you, as commenters, shouldn’t have to pay for any tech issues, i.e. anti-spam measures, with the blog. There are also complaints that it’s inaccessible, and that the audio option doesn’t solve the problem because the has to be garbled to prevent it being automatically solved by bots. Someone else said that captcha (in general) is flawed, but hasn’t yet elaborated on what that flaw is, so if you think it’s flawed, please tell me why.

On the other hand, some people have said that they have refused to comment here because I have been tougher regarding registration than I used to be and that they would absolutely prefer to have reCAPTCHA than registration.

I’d like to have your opinion, and yes, you’re going to have to use the reCAPTCHA for now!

Will November 11, 2008 at 12:13 pm

I find having to register on blogs to comment a big turn-off, so while I don’t like captchas much, I prefer them to registration.

My one concern with reCAPTCHA is that the “work” element of solving one of the words doesn’t obviously provide a useful check so rather than using otherwise wasted time more efficiently, it’s adding extra work for little anti-spam benefit.

Suw November 11, 2008 at 12:41 pm

testing to see what happens if i get the captcha wrong

Suw November 11, 2008 at 12:42 pm

And again…

Suw November 11, 2008 at 12:44 pm

Ok… so if i get one letter wrong in each word, it seems to go through, but two letters wrong and it doesn’t.

Suw November 11, 2008 at 12:48 pm

From their wiki FAQ:

“One of the words displayed by reCAPTCHA is from an old book which is being digitized. As such it is not graded – it cannot. Indeed, occasionally it may be blank, or just a bit of noise.

“On the word that is checked, the user is (currently) allowed to be off by one letter. It has been found that this increases the user experience while not degrading security by a large amount. This is tuned dynamically based on many factors.”

Suw November 11, 2008 at 12:50 pm

@will recaptcha say that the amount of ‘work’ done is the same as normal captchas, so you’re not sacrificing much by typing in the extra word, and I suspect it may even be less than captchas that require you to type in random strings of characters. Not sure if it’s less work than, say, maths- or statement-based Turing tests though.

Vincent November 11, 2008 at 1:12 pm

Must admit I’m not keen on registration either. Haven’t come across reCAPTCHA before, but compared to other image verification checks at least the text you have to reproduce is relatively legible.

Owen Blacker November 11, 2008 at 1:55 pm

I don’t have any fundamental problem with reCaptcha™ per se, my problem is with captchas generically. With a strong astygmatism, I find captchas very difficult to read and the audio versions unintelligible (on the rare occasions I (a) have headphones and (b) don’t find it inopportune to listen to something at the time).

Personally, I’d much rather have to authenticate somehow — for a blog, I’d expect that to be with a generic ID (probably OpenID, but Google or Yahoo! IDs wouldn’t pticly surprise me any more).

Baiscally, my objections are twofold, then — captchas are inherently poor accessibility and not-great usability, but also they simply don’t work.

Undortunately, though, I don’t have a better suggestion for how to defeat comment spam. I gather passing all links via Google makes a little difference (which I’m sure you’ll already know far more about than I), but I’d personally go for registration of some kind (not necessarily maintained by you).

Melissa November 11, 2008 at 2:55 pm

Hmmm…I guess I don’t mind registering as long as I don’t have to remember my login/password (brain isn’t what it used to be). I do have a little trouble sometimes reading the funny letters (eyes aren’t what they used to be either). I don’t have a blog so I don’t know – do you really end up with a lot of spam comments if you don’t use these measures?

peter November 11, 2008 at 3:39 pm

I lost my utube account because I rushed in on the linked
openid thing google want now…
it’s always been a curse this log-in situation

hugh mcguire November 11, 2008 at 3:45 pm

I *hate* having to register to comment – I find it offensive somehow. Recaptcha is not ideal (ideal would be No Spammers), but I find it better implemented, works well (esp since I can get served other text if i can’t read the first), and it’s doing something useful.

So: yes to reCaptcha!

Björn B. November 11, 2008 at 5:57 pm

I really appreciate the fast way of entering some words than registering, even if it is only once.
It is one account NOT to administer.
So, if it is on me….stay with it please.

Suw November 11, 2008 at 7:12 pm

I have to say that so far, and having just spoken with the guy who leads the reCaptcha project, that I’m going to stay with it. I like being able to have moderation basically turned off – most of the commenters on this post are people whose names I don’t recognise, and whom I think have probably not commented here before. I like it that they can prove they are human and see their comment posted straight away, without having to wait for me to approve it.

Vicki November 11, 2008 at 8:39 pm

I like reCaptcha so much better than most Captcha systems. Aside from knowing that I’m helping to put a document online, I like thhe fact that the words are WORDS. That gives someone like me some extra help. If I’m not quite certain… is that a j, an i, or an l?… I can make a better guess from actual context.

(In general I loathe captchas because I fail at them so often. It’s frustrating.)

Steve Kane November 11, 2008 at 9:27 pm

Registering is a bit of a pain but once it’s done, it’s done., and you don’t have to enter your details every time.

These captcha thingies, though, are a pain in the arse, frankly. A good idea in principle but it’s not much bloody use if the security word is illegible. So many times I’ve given up because I keep getting the code wrong, so many comments gone unposted.

Then again, you may never get to read this comment if I can’t fathom out what code this ReCaptcha is asking me to type in…

Owen Blacker November 12, 2008 at 10:13 am

Actually, Vicki’s comment is quite pertinent — reCaptcha is at least a little better usability because they are (usually) words, which makes it a little easier to guess obscured letterforms.

I still hate captchas, though I do understand why you’d need to use one on a high-traffic blog :o)

Suw November 13, 2008 at 9:26 am

@steve: the nice thing about reCaptcha is that you can refresh the words until you can see a pair you can read. So you should never have the problem of not being able to read them. reCaptcha is also quite tolerant of mistakes – you get a leeway of one character in each word. I’m told their first go success rate is 96%, which isn’t too shabby.

@owen: yeah, i think having real words makes a huge difference. I’m a bit dyslexic and random strings of character are very hard for me.

Over all though, after talking to Luis I’m much happier with the idea of using reCaptcha permanently here. I get a lot of spam attempts on very old posts, and this should help slow that down.

Bob Iliff November 17, 2008 at 5:26 pm

Suw, I seldom comments to blogs, but I’ve gotten so much from your writings regarding software, I feel obligated. I don’t yet what pains I’ll go through (yet) posting this, but I was sorry to see you suffering from typing. So I had an idea to share with you…what if you could type with your tongue? Yes, I’ve invented the Mouth Mouse. I’m a little too old to go get a patent, so I thought I’d disclose the idea to you. It’s a cross between a keyboard and a retainer. Think this idea has merit?

Bob Iliff November 17, 2008 at 5:49 pm

And the reCaptcha thing was pretty painless…

Suw November 17, 2008 at 6:14 pm

Bob, I’m not sure that my wrists are so bad that I need to control my computer with my tongue. Hm, which leads me to wonder what RSI of the tongue would feel like…

Anyway, glad you didn’t find the reCaptcha too onerous!

John Rochester November 17, 2008 at 9:21 pm

Add me to the list of people who would much rather use reCaptcha than register. It takes almost no time to type two words, and you don’t have to maintain yet another name & password.

gatuköks glenn March 20, 2009 at 11:27 am

Hello just testing the recaptcha

Comments on this entry are closed.

Previous post:

Next post: