Botverify Features
BotVerify supports the following key features:
- Over 50 CAPTCHA styles.
- More than 10,000 variety of CAPTCHA output textures.
- Custom CAPTCHA key length.
- Custom CAPTCHA image width and height.
- Custom CAPTCHA font face, font size and font style. You can add variety of fonts.
- Custom CAPTCHA border color, border width.
- Audio support - Audio CAPTCHAs help visually impaired individuals navigate the Web easily.
- Choose between alphanumeric, alpha and numeric key format.
- Image or Flash support.
- Choose between jpg, gif, bmp, png and swf CAPTCHA output format.
What is CAPTCHA
A
CAPTCHA (an initialism for "
Completely
Automated
Public
Turing test to tell
Computers and
Humans
Apart", trademarked by Carnegie Mellon University) is a type of challenge-response test used in computing to determine whether or not the user is human. A CAPTCHA involves one computer (a server) which asks a user to complete a test. While the computer is able to generate and grade the test, it is not able to solve the test on its own. Because computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human. (Source :
Wikipedia)
Applications
CAPTCHA tests have several applications for practical security, including (but not limited to):
Online Polls. In November 1999, http://www.slashdot.com released an online poll asking which was the best graduate school in computer science (a dangerous question to ask over the web!). As is the case with most online polls, IP addresses of voters were recorded in order to prevent single users from voting more than once. However, students at Carnegie Mellon found a way to stuff the ballots using programs that voted for CMU thousands of times. CMU's score started growing rapidly. The next day, students at MIT wrote their own program and the poll became a contest between voting "bots". MIT finished with 21,156 votes, Carnegie Mellon with 21,032 and every other school with less than 1,000. Can the result of any online poll be trusted? Not unless the poll requires that only humans can vote.
Free Email Services. Several companies (Yahoo!, Microsoft, etc.) offer free email services. Most of these suffer from a specific type of attack: "bots" that sign up for thousands of email accounts every minute. This situation can be improved by requiring users to prove they are human before they can get a free email account. Yahoo!, for instance, uses a CAPTCHATM test of our design to prevent bots from registering for accounts.
Search Engine Bots. It is sometimes desirable to keep webpages unindexed to prevent others from finding them easily. There is an html tag to prevent search engine bots from reading web pages. The tag, however, doesn't guarantee that bots won't read a web page; it only serves to say "no bots, please". Search engine bots, since they usually belong to large companies, respect web pages that don't want to allow them in. However, in order to truly guarantee that bots won't enter a web site, CAPTCHATM tests are needed.
Worms and Spam. CAPTCHATM tests also offer a plausible solution against email worms and spam: "I will only accept an email if I know there is a human behind the other computer." A few companies are already marketing this idea.
Preventing Dictionary Attacks. Pinkas and Sander have also suggested using CAPTCHATM tests to prevent dictionary attacks in password systems. The idea is simple: prevent a computer from being able to iterate through the entire space of passwords.
*
CAPTCHA is a trademark of Carnegie Mellon University. (Source :
CAPTCHA.net)
BotVerify for ASP
BotVerify for ASP.NET
