Comments on: The Argument Against CAPTCHAs

By: JJ

JJ — Sat, 04 Apr 2009 17:31:59 +0000

Darren,

I see that you are not using Captcha. What do you use to prevent spam? Which plugin do you use for “Notify me of future comments via e-mail”?

I am using Captcha and with 5k unique visitors / month I get only 2-3 comments / month!

By: Dr. Vino

Dr. Vino — Wed, 13 Dec 2006 00:46:49 +0000

My readers have called them sobriety tests!

By: Dustin

Dustin — Mon, 11 Dec 2006 15:31:57 +0000

I would have to add to the list that they are annoying. Personally, I use Akismet, and it has never failed (ok I think there was one false negative). Plus it learns, so the more site which use it, the more the rest of us benefit. And the users never notice the different – unless they are spam that is.

By: MJR/slef

MJR/slef — Thu, 07 Dec 2006 10:44:33 +0000

I don’t accept the “necessary evil” nonsense. The best way to stop spam comments on your blog is NOT to have all comments appear without moderation. Use robo-moderation to let in the safe things that tick all the boxes (no links AND no badwords AND from previously-seen addresses and so on) and then hand-moderate the remainder. “Default permit” has been a bad security idea since forever.

Reading the list above, I remember an eyetest blocking me from contacting Steve Pavlina to tell him that his site was broken (how many article views did he lose, I wonder?), and the all-too-common Wordpress math test plugin requires some particular undocumented browser settings (but it works with IE’s usual low security settings). Finally, blogger’s audio-captcha alternative to eyetest-captchas were returning 404 Not Found yesterday, but to contact blogger support you had to fill out a form… including a captcha! Duh!

The support for the “works for me”/”I’m alright Jack”/”blocking my spam is more important than accessibility” view by many blogs is disappointing. Open your comments up to all your readers, else they’ll go away when they notice you want to talk AT them instead of WITH them, just because they fail a math test or aren’t using your favourite browser setup.

By: Blog Merchant Accounts

Blog Merchant Accounts — Thu, 07 Dec 2006 08:20:35 +0000

I hate captchas. They don’t keep me from commenting, but they are often hard to read, and if hackers get around them, maybe one should just use Askimet.

It works great.

By: George

George — Wed, 06 Dec 2006 22:11:01 +0000

Vincent,

I like the math questions, better than captchas. Albeit, not being asked for anything at all is easiest for visitors. It’s an easy for visitors vs. easy for you question.

Aren’t customers always supposed to come first?

How important is ease of use?

- George

By: Murdoc

Murdoc — Wed, 06 Dec 2006 21:51:58 +0000

I’ve hesitated to use captchas for the exact reasons listed.

And, as has been noted, the volume of comments (both legit and spam) should be considered when deciding whether or not captchas make sense for a particular site.

A site that has fewer legit comments and a (relatively) low number of spams might not see captchas as so much of a hindrance as a site that gets (and wants) hundreds of legit comments a day.

FWIW, I’ve received about four hundred spams this afternoon. Those are just the ones that got through the filtering software an actually made it onto my site. And my site isn’t all that big.

400 will seem like a lot to many. But it is a tiny fraction of what some sites get.

By: john t unger

john t unger — Wed, 06 Dec 2006 19:19:03 +0000

I use CAPTCHAs on my blogs and it does bum me out… I’d rather that there was a less labor intensive way for readers to be distinguished from bots. Even with the CAPTCHAs, some spam gets through, but it’s much better than it was when I turned them off.

Two points in favor:

1. Since I have a comments feed, I feel very strongly that I need to do everything I can to save my readers from spam comments.

2. Sometimes, that extra step before posting a comment gives a reader just an extra moment to think about whether they really want to go on record with their comment. Also, it provides a moment to think about whether you’ve said all you need to say. I never use the “preview” feature of comments, but I have edited comments I was leaving to either include or delete part of the comment when I noticed something in the preview that usually comes up along with a CAPTCHA.

One point against:

I hate having to fill out the CAPTCHA myself when I leave a comment in response on my own blogs! I try to respond to most comments, so I end up having to fill out a lot more CAPTCHAs than I would if I were just commenting elsewhere!

By: Mark McGuinness

Mark McGuinness — Wed, 06 Dec 2006 18:42:20 +0000

I’d be more favorably disposed to captcha if so many of the messages were unreadable for humans as well as bots.

By: Vincent Chow

Vincent Chow — Wed, 06 Dec 2006 18:34:40 +0000

Is those mathematical question as bad? I’m not using CAPTCHA, but commenters on my blog need to answer a simple mathematic question before they can submit their comments. I’m quite sure users won’t have difficulties answering it as it’s not even involving number larger than 10.

What do you think about it? Should I remove it?

By: Stephanie

Stephanie — Wed, 06 Dec 2006 18:01:19 +0000

So far Akismet plus approving initial posts is working for me too. I only rarely have to delete a spam comment. I know spammers are always working to outsmart whatever is put in place, but so far things are going well for me without CAPTCHA on my blog.

By: George

George — Wed, 06 Dec 2006 18:01:18 +0000

The biggest problem is that in order to attempt to keep spammers from hacking captchas they get more and more distorted. For someone with vision problems like me, it’s a pain to figure out what the captcha says. I like systems that ask you ask a question like “what color is a green apple?” and you have to enter the word “green” to get past.

I have gotten to the point where I have stopped visiting some blogs that use captcha’s, because it’s too hard to participate when I want to.

By: Terry

Terry — Wed, 06 Dec 2006 17:46:24 +0000

I agree with Steve P. The Captchas are effective IF you can read them. I tried to buy some tickets on Ticketmaster the other day and the Captcha was so unreadable I gave up after 3 attempts. I ended up calling for tickets instead. It’s not very customer friendly to put such barriers in the way of ordering.

If the Captcha isn’t plain and readable, it should be pulled because you’re losing customers.

By: UltraRob

UltraRob — Wed, 06 Dec 2006 17:32:29 +0000

I hate the way Blogger uses Captcha for posting to my blogs. I’ve already logged in to my account so why can’t they set a cookie so I don’t have to enter the characters. I think they may be doing something with IP because there are times I don’t have to enter the characters but most of the time my IP gets translated. Nearly half the time I don’t the characters typed right because they’re so distorted and run together.

By: Blaine Moore (Run to Win)

Blaine Moore (Run to Win) — Wed, 06 Dec 2006 17:25:38 +0000

The difference for you, Steve, is that you do not have public comments on your website. Anybody that is submitting anything wants to get in touch directly with you and not with your audience.

By: Steve Pavlina

Steve Pavlina — Wed, 06 Dec 2006 17:08:16 +0000

I recently added a Captcha system to all the forms on my site. It uses a simple font with no distortion, so it’s easy for anyone to read. It’s been working beautifully. I wish I’d implemented it from the beginning. My wife liked it so much that I added it to her site too.

I used to get dozens of automated spam messages through my contact form every day. After putting up a simple Captcha system, the bots were stopped dead. It saves me a lot of time and was well worth the effort to implement it.

If anyone decides it’s not worth sending a message because they have to type 5 extra characters, so much the better — it only helps reduce noise.

By: Chris

Chris — Wed, 06 Dec 2006 16:48:28 +0000

I dislike captchas and often get them wrong when commenting on other sites — pretty annoying. But I use them on mine, and have no comment spam.

My options are limited by the fact that I’m a Joomla user and my third-party comments component uses Captcha by default. But it works well — for now.

I agree that we need better and more accessible solutions than Captcha. Accessibility is the chief concern. For now, though, I couldn’t do comments without it, even on my small site.

By: William

William — Wed, 06 Dec 2006 16:30:56 +0000

Plain and simple, I hate these things. Anymore if a blog uses one of these, I just leave. My time is valuable too. I do not mind if it is a one time thing for membership, but every time I have something to say in a comment field is too much.

By: Katy

Katy — Wed, 06 Dec 2006 16:00:44 +0000

I used to get a lot of Spam so I added a Captcha to my (self-developed) blog. It stopped the spam alright but my commenters had trouble too! Now I’ve swapped over to an Ajaxy interface which my commenters can use but (for the time being) the bots don’t seem to be able to access thanks to the javascript.

By: Farrell

Farrell — Wed, 06 Dec 2006 15:50:58 +0000

I have a Wordpress blog that started picking up lots and lots of spam comments.

I had Askimet successfully stopping that spam for awhile, but a few months ago it began to get overrun. It was catching hundreds of spam comments a week, but some were getting through as well. Too many.

I enabled a nice captcha plugin, and now the spam has stopped.

While I don’t like captcha as a user, I think it’s a necessary evil today. Most people who would comment on a blog anyway are familiar with it and the reasons it needs to be there. If the captcha is unreadable, that’s just a bad captcha implementation.