Tuesday, August 07, 2007

CAPTCHA Context

Are there no standards for Captcha difficulty?

Some are trivial, others (like this one from Facebook) have me squinting at the screen trying out different letters.

Do sites go through a 'Catcha Complexity Review Process' before deciding on the appropriate difficulty?

Do we need syntax to describe the things ala SAML's Authentication Context for describing how users login?

2 comments:

Timothy Parez said...

Don't believe there's a standard,
but I must say I love recaptcha.

It's well designed, quite easy for the user, helps others and very easy to integrate into other systems such as php, asp.net, etc....

(oh having trouble reading the captcha below btw)

Anonymous said...

There isn't a standard on specifying CAPTCHAs that are "complex" since it is somewhat hard to measure.

There are, however, attempts to standardize CAPTCHAs for usage with SIP & XMPP:

https://datatracker.ietf.org/drafts/draft-tschofenig-sipping-captcha/

http://www.xmpp.org/extensions/xep-0158.html

Ciao
Hannes