Menu

Joomla Blog

Tutorials, reviews, case studies and other tips to help website owners and website developers master the Joomla content management system.

Captcha Wants to Know - Are You a Human?

Captcha Wants to Know - Are You a Human?

 

The web service "Are You a Human" provides a very different way to challenge form submitters than the traditional hard to read random words and characters we've all come to know and hate. By replacing the standard CAPTCHA images with small interactive games called PlayThrus, Are You a Human makes an effort to stop spambots more effectively while making it easier, and more fun, to interact with this security challenge.

CAPTCHA has been around in its current form probably since the beginning of this century. Even if you've never heard the term, you've undoubtedly struggled to decipher CAPTCHA images on websites. There have been other problems with this technology as well, such as accessibility issues for those with sight impairment and other disabilities. There have been several attempts to improve CAPTCHA, including reCAPTCHA and then of course this more recent approach of using PlayThru games as a test to prove your humanity.

What got us thinking about trying this out is the fact that we ran across the extension "PlayThru Captcha" on the JED. We're always looking for great alternatives to CAPTCHA, so we tried it out. Here's how it went.

The installation is very simple. Grab the extension from the JED, then install as normal. Once the extension is installed, you will be directed to register with Are You a Human. You'll then be given two keys that you must paste into the Plugin. Once you've done that and enabled the Plugin, you can go to Global Configuration and set Captcha - PlayThru as your Default Captcha setting. This should enable the service on your core contact forms.

Here are some screen shots of the process:

 

After successful install, you'll need to register at areyouahuman.com

registration-link

 

Once you've registered, you'll be given site keys to put into the Plugin

site-keys

 

Enter your site keys and enable the Plugin

plugin-site-keys

 

After setting Default Captcha to Captcha - PlayThru in Global Configuration you will see the service show up in your forms

contact-form

 

And here's what one of the PlayThrus looks like

contact-form-playthru

 

On registering for the Are You a Human website, I had to play a game that asked me to "Make Pancakes". I love pancakes, and I have made pancakes many times; however, I have to admit it took me several seconds to figure out exactly what the game was asking me to do. I also have to wonder if that brief detour in thought would be enough to send some visitors away. What made things worse is that when I finished the game, I was told that I had not completed the PlayThru successfully and was given an error. What??!! Me, not making pancakes properly? I doubt that. I did successfully "Put the aliens on the planet" on my second PlayThru attempt though.

Some of the games actually do take a little thought. This is probably enough to stop the vast majority of even the smartest spambots out there, but it also seems enough to put some of your potential form submitters off as well.

In the end, whether or not this system works for you depends very much on the tone of your website and the patience of your visitors. Some will engage with this shiny new thing, and some will be annoyed and run away.

You can have a quick look at a demo of a PlayThru here.

Now that we've installed it and played with it a bit, we'd love to know what you think. Can you see this CAPTCHA alternative as being useful? If so, what is the tone of your website and your audience demographic? Leave us a comment and let us know.

Rate this blog entry:
Testing and Troubleshooting the User Experience
Build a Wordpress Website

Related Posts

 

Comments 15

Richard Pearce on Thursday, 07 March 2013 13:08

Personally I think this one is too clever.

Do I want to see a better Captcha solution for Joomla? Yes. Is this the answer? Well ... I won't be implementing it on this website.

0
Personally I think this one is too clever. Do I want to see a better Captcha solution for Joomla? Yes. Is this the answer? Well ... I won't be implementing it on this website.
Ian Hayward on Thursday, 07 March 2013 19:27

Much as I detest captcha - me nor. I've ended up using EasyCalc - http://extensions.joomla.org/extensions/social-web/social-share/social-auto-publish/9347 - it's easy just so long as you can manage a bit of simple maths.

I used to use OSOLCaptcha a lot too - it was very easy to read and the colours could be configured to match the site. However it took them ages to bring out a 2.5 version which, although available now, doesn't fill me with confidence about their ability to provide a version for 3.5 promptly.

What WOULD be interesting to know, is how effective these different methods are? Which do the best screening job?

0
Much as I detest captcha - me nor. I've ended up using EasyCalc - http://extensions.joomla.org/extensions/social-web/social-share/social-auto-publish/9347 - it's easy just so long as you can manage a bit of simple maths. I used to use OSOLCaptcha a lot too - it was very easy to read and the colours could be configured to match the site. However it took them ages to bring out a 2.5 version which, although available now, doesn't fill me with confidence about their ability to provide a version for 3.5 promptly. What WOULD be interesting to know, is how effective these different methods are? Which do the best screening job?
Robert Wilson on Thursday, 07 March 2013 20:02

Thanks for the comment Ian. We actually have plans to look at EasyCalcCheck PLUS as well as a comparison in a future post.

By the way the link to ECC+ is:
http://extensions.joomla.org/extensions/access-a-security/site-security/captcha/11964

The link you gave went to a different extension.

Thanks again!

0
Thanks for the comment Ian. We actually have plans to look at EasyCalcCheck PLUS as well as a comparison in a future post. By the way the link to ECC+ is: http://extensions.joomla.org/extensions/access-a-security/site-security/captcha/11964 The link you gave went to a different extension. Thanks again!
Ian Hayward on Thursday, 07 March 2013 20:09

Oops! Thanks Robert.

0
Oops! Thanks Robert.
Pierre Cornelissen on Friday, 08 March 2013 18:39

Hmmm.. Ok for the correcct themed website.

I use EasyCalcCheck PLUS and to data had only one single compormise; might have been some or other glitch, will not know. I have send Victor Vogel a thank you note via PayPal - worth it.

0
Hmmm.. Ok for the correcct themed website. I use EasyCalcCheck PLUS and to data had only one single compormise; might have been some or other glitch, will not know. I have send Victor Vogel a thank you note via PayPal - worth it.
Sue on Friday, 08 March 2013 23:38

Les Arbres Design have a good contact form extension that has a novel CAPTCHA which has been popular with some people I have made sites for - FLexicontact - ideal for the less business orientated website

http://www.lesarbresdesign.info/extensions/flexicontact

0
Les Arbres Design have a good contact form extension that has a novel CAPTCHA which has been popular with some people I have made sites for - FLexicontact - ideal for the less business orientated website http://www.lesarbresdesign.info/extensions/flexicontact
Guest - Annika on Saturday, 09 March 2013 00:38

Love this! Only problem is I can't (easily) us it in Fox contact and RSmonials... or do I? :) (hate that I have to submit reCaptcha right now! ;) )

0
Love this! Only problem is I can't (easily) us it in Fox contact and RSmonials... or do I? :) (hate that I have to submit reCaptcha right now! ;) )
Ian Hayward on Saturday, 09 March 2013 03:38

Chris at Les Arbres is a good guy, very helpful - I know some of his other extensions and they are excellent.

0
Chris at Les Arbres is a good guy, very helpful - I know some of his other extensions and they are excellent.
Sue on Saturday, 09 March 2013 11:58

I agree with Ian...... I have used Les Arbres Rentalot extension too and Chris and Zeanne there are extremely helpful.... and knowledgeable- they would be happy to answer any queries I'm sure

0
I agree with Ian...... I have used Les Arbres Rentalot extension too and Chris and Zeanne there are extremely helpful.... and knowledgeable- they would be happy to answer any queries I'm sure
Guest - kal@webmaisterpro.com on Monday, 11 March 2013 21:02

I haven't use it, but have use re-captcha in the past. Quite true that 50% of commenters fail to put the code properly. Currently only use in-build captcha which seems to do better job, but I moderate comments. Joomla is getting more and more popular and EasyBlog and Komento also leave footprints which spammers already know about.

0
I haven't use it, but have use re-captcha in the past. Quite true that 50% of commenters fail to put the code properly. Currently only use in-build captcha which seems to do better job, but I moderate comments. Joomla is getting more and more popular and EasyBlog and Komento also leave footprints which spammers already know about.
Robert Morton on Thursday, 14 March 2013 02:01

Interesting information. I hate normal captcha as I quite often get the first or even second attempt wrong.

Whilst it's not a captcha, have you tried the "SpambotCheck" plug-in by vi-solutions (there are versions for Joomla 2.x.x and 3.x.x) which can check a number of database for spam email addresses and IP addresses not only when a user registers but also every time they log onto your Joomla site.

http://extensions.joomla.org/extensions/access-a-security/site-security/spam-protection/14027

One of the first extensions that I added to the Joomla site that I'm developing was the "SpambotCheck" plug-in. However I will check out the other suggestions here for a "belt & braces" approach.

0
Interesting information. I hate normal captcha as I quite often get the first or even second attempt wrong. Whilst it's not a captcha, have you tried the "[b]SpambotCheck[/b]" plug-in by vi-solutions (there are versions for Joomla 2.x.x and 3.x.x) which can check a number of database for spam email addresses and IP addresses not only when a user registers but also every time they log onto your Joomla site. http://extensions.joomla.org/extensions/access-a-security/site-security/spam-protection/14027 One of the first extensions that I added to the Joomla site that I'm developing was the "SpambotCheck" plug-in. However I will check out the other suggestions here for a "belt & braces" approach.
Robert Wilson on Thursday, 14 March 2013 04:10

Interesting Robert....we'll have to check this one out too.

What drawbacks have you found with this one?

0
Interesting Robert....we'll have to check this one out too. What drawbacks have you found with this one?
Robert Morton on Thursday, 14 March 2013 22:27

Hi Robert,

I'm still testing/developing my site so have had no problems with it. However when I first used it I had a few requests for tweaking the response message to the user depending on the whether the refusal/block occurred when registering or at login. So the author is quick to make changes.

One thing that I have found when testing the login of a known spammer, always create the user via the admin end with a spare email address that you own and then change the email address to a known spammer so that you can test login refusal - otherwise Joomla sends an email to the spammer's email address when you create the test user and you don't want that to happen!

If you check the SpambotCheck forum, you will find a post about a module called "mod_spambotcheckDisplay_v1.0" that was written by "sozzled" (post and module):
http://www.vi-solutions.de/en/forum/15-joomla-plugin-plgspambotcheck

The module mod_spambotcheckDisplay_v1.0 shows the number of users blocked when registering a new account and also when logging on. A demonstration of the output appears on the right-side of the pages at http://www.kunena.org/forum . So the Kunena forum would appear to use the SpambotCheck plugin.

0
Hi Robert, I'm still testing/developing my site so have had no problems with it. However when I first used it I had a few requests for tweaking the response message to the user depending on the whether the refusal/block occurred when registering or at login. So the author is quick to make changes. One thing that I have found when testing the login of a known spammer, always create the user via the admin end with a spare email address that you own and then change the email address to a known spammer so that you can test login refusal - otherwise Joomla sends an email to the spammer's email address when you create the test user and you don't want that to happen! If you check the SpambotCheck forum, you will find a post about a module called "mod_spambotcheckDisplay_v1.0" that was written by "sozzled" (post and module): http://www.vi-solutions.de/en/forum/15-joomla-plugin-plgspambotcheck The module mod_spambotcheckDisplay_v1.0 shows the number of users blocked when registering a new account and also when logging on. A demonstration of the output appears on the right-side of the pages at http://www.kunena.org/forum . So the Kunena forum would appear to use the SpambotCheck plugin.
Tristan Montano on Thursday, 14 March 2013 12:56

Interesting. I'll think about this for one website I run, although at the moment I'm getting by with a very simple solution: I turned off registration and require people to email me to register for the site. At the moment, that seems to be enough.

There's another site that I don't control the programming for but have admin privileges, where I made a very simple change: people who want to register have to answer a question. We use very simple questions. For example, "Who was the last US President to die in office?"

As long as each webmaster makes up his/her own questions, it seems to stop the spambots while allowing real people through.

0
Interesting. I'll think about this for one website I run, although at the moment I'm getting by with a very simple solution: I turned off registration and require people to email me to register for the site. At the moment, that seems to be enough. There's another site that I don't control the programming for but have admin privileges, where I made a very simple change: people who want to register have to answer a question. We use very simple questions. For example, "Who was the last US President to die in office?" As long as each webmaster makes up his/her own questions, it seems to stop the spambots while allowing real people through.
Tristan Montano on Friday, 15 March 2013 10:17

Nope, not for me. If you read the terms and privacy info, you'll find this:
Your Website’s Users’ Personal Information and Privacy
As long as you use the Services you agree to publish and maintain a privacy policy on your websites. The privacy policy should be clearly written and should be prominently linked from the your website’s home page. You are responsible for ensuring that your relationship with Are You a Human, as described herein, is in compliance with your privacy policies.
You agree that, at a minimum, your privacy policy will prominently and clearly disclose:
i. the nature and scope of the automatic collection and use of non-personally identifiable information on your website;
ii. that you share certain non-personally identifiable information with third parties for tailoring advertisements to end users on your websites and on other websites;
iii. that you collect personally identifiable information that your website’s end users have voluntarily disclosed in response to an advertisement, and
iv. that you share such personally identifiable information with third parties.

0
Nope, not for me. If you read the terms and privacy info, you'll find this: Your Website’s Users’ Personal Information and Privacy As long as you use the Services you agree to publish and maintain a privacy policy on your websites. The privacy policy should be clearly written and should be prominently linked from the your website’s home page. You are responsible for ensuring that your relationship with Are You a Human, as described herein, is in compliance with your privacy policies. You agree that, at a minimum, your privacy policy will prominently and clearly disclose: i. the nature and scope of the automatic collection and use of non-personally identifiable information on your website; ii. that you share certain non-personally identifiable information with third parties for tailoring advertisements to end users on your websites and on other websites; iii. that you collect personally identifiable information that your website’s end users have voluntarily disclosed in response to an advertisement, and iv. that you share such personally identifiable information with third parties.

Free Joomla TutorialLearn Joomla for free with our 16 lesson, 2 hour course.

Get Started