How do you create a form with a graphic security entry?

L

Larry Bud

Ok, I don't know what they're called, but you know the form: The page
displays a "code", usually on a similar color background (dark gray),
and the text is all squiggly.

It's an attempt to foil the bots that go out and process forms. The
user has to type in the code they see, when the graphic itself should
be unreadable by character recognition engines.

So, how are the graphics generated, and how do you implement this?

Any links to resources would be appreciated. It's hard to find any
articles when I don't know what to call it!
 
M

McKirahan

Larry Bud said:
Ok, I don't know what they're called, but you know the form: The page
displays a "code", usually on a similar color background (dark gray),
and the text is all squiggly.

It's an attempt to foil the bots that go out and process forms. The
user has to type in the code they see, when the graphic itself should
be unreadable by character recognition engines.

So, how are the graphics generated, and how do you implement this?

Any links to resources would be appreciated. It's hard to find any
articles when I don't know what to call it!


What is the word verification option?
http://help.blogger.com/bin/answer.py?answer=1203

How to Spoof-proof Your Logins
http://www.devx.com/dotnet/article/21308/
 
L

Lee Carnell

Larry Bud said:
Ok, I don't know what they're called, but you know the form: The page
displays a "code", usually on a similar color background (dark gray),
and the text is all squiggly.

It's an attempt to foil the bots that go out and process forms. The
user has to type in the code they see, when the graphic itself should
be unreadable by character recognition engines.

So, how are the graphics generated, and how do you implement this?

Any links to resources would be appreciated. It's hard to find any
articles when I don't know what to call it!

When I wrote one of these modules a few years back I used ASPImage to create the
graphic - My code created a random number which was then 'fused' (using
ASPImage) onto an existing background image and saving it under a different name
(I used the Session id for the graphic name).

Next the random number is encrypted using SHA256.

The registration form presents the graphic plus an entry field to re-type the
numbers and the encrypted random number is passed in the form via a hidden
field.

On the form processing page the user entered number is encrypted and that string
is evaluated against the value passed via the form. There are other various
checks carried out on the other data entered from the registration form.

YMMV

Lee
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,902
Latest member
Elena68X5

Latest Threads

Top