Captcha 2.0 - work on bugs
Once again I greet all habra people.
My previous work had a number of flaws. I am glad that there were people who sensibly criticized her, and I am ready to improve. Fair.
As we all remember, captcha should not appear on every link. Captcha should make life difficult for bots, but not for humans . But in any form, it should be in those places where bots can use the site for their own selfish purposes (flood, etc).
')
A couple of pictures of version 2.0 (for the development of interest), and welcome to habrakat.
As you can see, a lot has been changed. First, the background now has not a uniform, but a complex structure. For example, multicolored waves, which are mixed using transparency. Secondly, the text output function has been changed - now every single character is displayed with different fonts and sizes, and not all of the text as before. And, thirdly, the text is displayed in transparent colors on a complex background. The experiment showed that on any hues of the background (both light and dark), captcha is equally readable for the user and equally difficult for bots to recognize.
I will not lay out the “sheets” of the code here, but rather dedicate an article to the analysis of your criticism to the previous work. And you can see the code on pastebin . It is not optimal, in some places it can clearly be improved, but it does its work, and it does well.
zlobin wrote : The main thing is that people read the captcha, but it happens that it is impossible to read it. We have to close the site and leave it.
It is a fact. As I said in the disclaimer, we work with people . And captcha is done first of all not against them, but for them. To avoid spam, flood, etc. If the user is obliged to enter it with each movement, he, naturally, will leave the site faster than he came. But if you put a captcha only where it is absolutely necessary - for example, in filtering too often sending messages, or during registration - even if you do not manage to enter the captcha for the first time, the server will immediately issue a second one. It takes a few seconds to enter it, and if the user really needs to register or send something, he will enter it.
northicewind wrote : In most cases, the “game with colors” creates more interference for users than bots. Since the latter often before the analysis lead the picture to monochrome
As practice has shown with this captcha, bringing it to a monochrome form in no way simplifies its recognition. Transparency and random colors do their work - to recognize something is now more difficult. And if you play around with the values ​​of transparency, offsets and so on - you can reduce the number of potentially recognizable caps to an absolute minimum, without reducing its readability by the user.
Voenniy wrote : What is the point in these complications of the captcha, if there is antigate.com, where you can figure out all these pictures for a penny?
I know about this service for a long time, and it is necessary to fight against it from the other side - from the side of the script that gives the picture. Any kind of filtering, etc. It is clear that you will not filter everything out - those who will really need it - will introduce captcha at least manually. But the main stream of “kulkhackers” can be eliminated.
om2804 wrote a good comment in which he pointed out many minuses. I will not quote, because the whole article is, in fact, the answer, and an unquoted quote is not the case. I tell him a special thank you.
Well, I am waiting for new criticism.
UPD : Many, perhaps, perceive the code from this article as a guide to action, as a ready-made example. Allow me to disappoint you, it is not. There are many flaws. For example, replacing PNG with JPEG, turning on the Progressive mode and setting the quality to 85%, I reduced the “weight” of the picture by an average of 5-6 times. Having played a little with the values, I achieved the following results. There is no limit to perfection, but everyone should strive for it. And I'm not alone;)
My previous work had a number of flaws. I am glad that there were people who sensibly criticized her, and I am ready to improve. Fair.
Disclaimer
As we all remember, captcha should not appear on every link. Captcha should make life difficult for bots, but not for humans . But in any form, it should be in those places where bots can use the site for their own selfish purposes (flood, etc).
')
A couple of pictures of version 2.0 (for the development of interest), and welcome to habrakat.
Global change
As you can see, a lot has been changed. First, the background now has not a uniform, but a complex structure. For example, multicolored waves, which are mixed using transparency. Secondly, the text output function has been changed - now every single character is displayed with different fonts and sizes, and not all of the text as before. And, thirdly, the text is displayed in transparent colors on a complex background. The experiment showed that on any hues of the background (both light and dark), captcha is equally readable for the user and equally difficult for bots to recognize.
Code
I will not lay out the “sheets” of the code here, but rather dedicate an article to the analysis of your criticism to the previous work. And you can see the code on pastebin . It is not optimal, in some places it can clearly be improved, but it does its work, and it does well.
"Debriefing"
zlobin wrote : The main thing is that people read the captcha, but it happens that it is impossible to read it. We have to close the site and leave it.
It is a fact. As I said in the disclaimer, we work with people . And captcha is done first of all not against them, but for them. To avoid spam, flood, etc. If the user is obliged to enter it with each movement, he, naturally, will leave the site faster than he came. But if you put a captcha only where it is absolutely necessary - for example, in filtering too often sending messages, or during registration - even if you do not manage to enter the captcha for the first time, the server will immediately issue a second one. It takes a few seconds to enter it, and if the user really needs to register or send something, he will enter it.
northicewind wrote : In most cases, the “game with colors” creates more interference for users than bots. Since the latter often before the analysis lead the picture to monochrome
As practice has shown with this captcha, bringing it to a monochrome form in no way simplifies its recognition. Transparency and random colors do their work - to recognize something is now more difficult. And if you play around with the values ​​of transparency, offsets and so on - you can reduce the number of potentially recognizable caps to an absolute minimum, without reducing its readability by the user.
Voenniy wrote : What is the point in these complications of the captcha, if there is antigate.com, where you can figure out all these pictures for a penny?
I know about this service for a long time, and it is necessary to fight against it from the other side - from the side of the script that gives the picture. Any kind of filtering, etc. It is clear that you will not filter everything out - those who will really need it - will introduce captcha at least manually. But the main stream of “kulkhackers” can be eliminated.
om2804 wrote a good comment in which he pointed out many minuses. I will not quote, because the whole article is, in fact, the answer, and an unquoted quote is not the case. I tell him a special thank you.
Well, I am waiting for new criticism.
UPD : Many, perhaps, perceive the code from this article as a guide to action, as a ready-made example. Allow me to disappoint you, it is not. There are many flaws. For example, replacing PNG with JPEG, turning on the Progressive mode and setting the quality to 85%, I reduced the “weight” of the picture by an average of 5-6 times. Having played a little with the values, I achieved the following results. There is no limit to perfection, but everyone should strive for it. And I'm not alone;)
Source: https://habr.com/ru/post/133753/
All Articles