November 21, 2012 in Feedback
So after reading about the addition of keyCaptcha as an option starting with 3.4 (great job btw), a couple of people mentioned about using the Q&A and I had this little idea come to me. IPS hosted Q&A's, another service for those with active licenses.
Offer different themes/categories to choose from as far as what types of Q&A's are to be used, so that admins aren't required to come up with their own questions nor scout around to see what others are using. Keep track of what is used and if a particular Q&A combo is detected (by the SMS) to be letting a spammer in, it could be automagically flagged for review and taken out of circulation until it's been looked at. Not only that, but with the sharp and witty IPS developers at the helm, some questions could be dynamically generated, such as using random numbers as part of the question of picking from a pool of random words, etc. That way, the question 'record' being used might be the same for several people but the actual question shown could be different for each person. Could also have dynamic answers, so that the same question 'record' would have a different answer each time.
As a simple example, a question might be math related:
Solve this math problem, only use the numbers that are not words:
11 + two + 10 = [answer would be 21 of course]
Each time, the values could be different and the spelled out number could be different, as well as appearing in the first or last position as well.
Granted, that's a rather easy question that a bot could be easily programmed to figure out, but the overall concept is what matters. Of course, an admin wouldn't have to use it if they didn't want to (would have to opt-in to use it), or they could toggle an option to randomly use the IPS Q&A or they own, or to use both, if they want the benefit of IPS supplied Q&A as well as their own that might be specific to the theme of their community.
The only drawback that I see to this would be a language barrier. For that, those wanting to contribute their time could help provide translations or alternative questions for the Q&A's that get used. Let the admin also toggle which language(s) hey want their questions to pool from.. By that I mean an admin might want to use both English and Spanish, or French and Italian, etc. Obviously, it would be on the admin to make sure they are selecting languages that their community visitors would know. Then when used, pick from a pool of available Q&A's that fit the chosen language(s).
I mentioned above about categories and also detection of Q&A's that don't stop a spammer.. To add on to each, for the categories, someone running a community about music obviously wouldn't want something like automotive questions for their community to answer, while a community about sports cars would welcome it. Someone joining that community would be more likely to know what company makes a certain type of car. For the detection, it could also be detected which Q&A's are encountering difficulty by visitors determined to be legitimate users. Since you (IPS) have the SMS data on your end, the Q&A's could be kept track of to later determine if a failed attempt stopped a spammer or a real person. If one is found to fail a lot by real people, then obviously that Q&A combo would need to be reviewed.
I'm sure many IPS clients would be more than happy to submit Q&A's to help populate the database. On a submission form, provide a list of categories to choose from, box for the question, dropdown type of answer (fixed or random/dynamic) along with notes about the question/answer. I say 'submit' because I imagine it would be chaotic to dig in a topic for ideas and if a spammer finds a set of questions/answers, it could easily defeat the purpose of it all.
Upon reading this further, it's an interesting concept - but I don't see why admins can't devise their own questions -- like on a motorcycle community: "What's a leading japanese bike: Kaw_____" (asaki)
It also wouldn't take much effort for spambots to start harvesting the answers, I wouldn't think.
It's a nice idea, but what would prevent the bots from harvesting the database? :smile:
It's certainly doable. Will give it some thought, thanks. :)
It's certainly doable. Will give it some thought, thanks. :smile:
I think it's a decent idea that could be certainly explored...In my forum it wouldn't really work because the Q&A challenge is kind of geared towards the audience in my forum.
This topic is now archived and is closed to further replies.
Started 14 minutes ago
Started October 7, 2020
Started April 9, 2019