Another suggestion from me: a lot of us are experiencing a significant uptick in spambot registrations that are getting past Captcha. Hence, I'd like to suggest the ability to put some variables (color palettes, fonts, distortions, captcha image dimensions, captcha image backgrounds, etc.) into the hands of users as config items - allowing us to have significantly varied captcha images from IPB forum to forum. In that manner, it would be a little more difficult for spambots to register without human intervention...

No, they added this into phpbb and it was just a lot of bloat. No-one wants to configure their CAPTCHA images, they just want them to work.

A lot of spammers currently, are human. You can hire a service that will manually register (and confirm registrations) on forums, and post spam....

CAPTCHA has already been overhauled for 2.2, but I agree, this kind of control is really mostly useless. It should just be randomized behind the scenes.

A lot of spammers currently, are human. You can hire a service that will manually register (and confirm registrations) on forums, and post spam....

you've got to be kidding? you would at least expect that they make the post somewhat forum related then... :rolleyes:

If they are going forum to forum, etc... Why would they care :P?

They are very smart in that they spammed mine a little when nobody even posts on mine the past half year hardly. lol I have ahd such a hard time getting active people that many days I was getting 10, 20, 30 posts and that's it. They sure were going to gain something out of spamming to the 2 people who post. lol

In fact right now I have 5 people awaiting validation who are probably all spammers.

you've got to be kidding? you would at least expect that they make the post somewhat forum related then... :rolleyes:

Yeah bots usually don't confirm mail and such. (They can, but I've expected it to be humans spamming for awhile)

If it is *truly* random, that's fine. The problem is when it is not *actually* random, which AFAICT most of these captcha things currently aren't. They use the same handful of fonts the same kind of distortions, the same backgrounds... The net result is that it is fairly easy for automated scripts to get past them, and all they really do is inconvenience your real members.

If it is *truly* random, that's fine. The problem is when it is not *actually* random, which AFAICT most of these captcha things currently aren't. They use the same handful of fonts the same kind of distortions, the same backgrounds... The net result is that it is fairly easy for automated scripts to get past them, and all they really do is inconvenience your real members.

A computer cannot generate a true "random" event, since it can't close its eyes and, pick something at random. The best thing that can happen is several "random" events, that generate the closest thing to a random event.

The problem is, all it takes is an understanding of how the random event is generated, to be able to make an automatic script.

The problem is there is a finite number of backgrounds, fonts, and effects on the text that can happen. I have to believe with a little effort, it wouldn't take a lot of effort to cycle through ever used effect on the text, to generate a readable text.

** Little effort to somebody who knows how to do this sort of thing, I am far from an expert, but I do undertstand the issue with a computer trying to generate a random event **

If it is *truly* random, that's fine. The problem is when it is not *actually* random, which AFAICT most of these captcha things currently aren't. They use the same handful of fonts the same kind of distortions, the same backgrounds... The net result is that it is fairly easy for automated scripts to get past them, and all they really do is inconvenience your real members.

No such thing as random on a computer, and I wrote a C# CAPTCHA image generator that randomly distorts (wave distory) along with a change in font, color, outline of text, and the text itself.

Quite fun, but IPB can't use it :P oh well. Works really good too :)

No such thing as random on a computer, and I wrote a C# CAPTCHA image generator that randomly distorts (wave distory) along with a change in font, color, outline of text, and the text itself.

Quite fun, but IPB can't use it :P oh well. Works really good too :)

That's nice, Brandon has already said above that 2.2's CAPTCHA has been overhauled... just wait until you see 2.2's :)

Regrading user control of catpcha it's a waste of code and time. 2.2's captcha should stop bots indefinitely, but there will always be spam because as we know there are people who are actually hired to make spam posts.

Oh well :whistle:

That's nice, Brandon has already said above that 2.2's CAPTCHA has been overhauled... just wait until you see 2.2's :)

Regrading user control of catpcha it's a waste of code and time. 2.2's captcha should stop bots indefinitely, but there will always be spam because as we know there are people who are actually hired to make spam posts.

Oh well :whistle:

Awesome can't wait to see all these new 2.2 features in action :D

I don't really have too many problems with botting, of course I only got like 110 users and 9000 posts...