[_] Activation e-mail || CAPTCHA ?
Oliver Humpage
oliver at watershed.co.uk
Mon Nov 12 10:53:57 GMT 2007
on 12/11/07 10:47, Matt Kane at ascorbic at gmail.com wrote: > I've often heard about this potential flaw with captchas, but are > there any recorded cases of this actually happening? The fact that there are hundreds of thousands of fake hotmail/aol/etc email accounts, all of which need captchas to sign up? Either they've got very good OCR or are cheating. It's unlikely it'll happen to a small site though, not worth their time. Things like the phpbb default captcha system got hacked because so many places use it, but if you use a less well-known system you should be fine. Thoroughly recommend freecap: http://www.puremango.co.uk/cm_php_captcha_script_113.php (do *not* google it and click on the freecap.ru result) Oliver.