“Are you a human?”
“Please type the following text.”
As website visitors, we’ve all seen these forms of security measures. They’re called Captcha, which is an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”. Captchas are used as a security measure to protect websites from spam and abuse.
The general problem with Captchas is that they make things complex for humans as well. Let’s face it: We all hate Captchas, don’t we? There’s nothing more annoying than trying to post a comment on a blog and then having to decipher some squiggly letters and numbers.
Two easy ways for a better anti-spam strategy
In fact, it is also a challenge for web developers to create forms that are both user-friendly and secure. It is true that one of the most widely used methods to prevent spam submissions is Captcha. But with the ever-increasing sophistication of spam bots, we have to find new ways to protect our forms.
In this article we’ll explore two other methods, honeypots and timed submissions that are both more secure, accessible and user-friendly than Captchas.
Our favorite is the anti-spam honeypot
What is a honey-pot?
A honeypot is a hidden field in your form that should not be filled out by humans (and should be empty when submitted), but will be automatically filled out by bots and then used to identify spam. The theory is simple: If the honeypot field contains data, it must be a bot — and if it’s a bot, we can ignore its submission.
How to implement honeypot
Here’s are two ways how you can implement a simple honeypot:
Here’s an example:
<input type=”text” name=”name” /> <!– human-readable field –>
<input type=”text” name=”hp” class=”hp” /> <!– hidden field for spam bots–>
Here is the CSS to hide the field
2. Give the honey pot field a name like email_address or homepage_url . These are spammy names to give fields because no legitimate visitor would ever put their email address into an email_address field or their own URL into a homepage_url field. Spammers often try to trick us by putting their own URLs into those fields, so we should use those as our honey pots instead of legitimate fields like name or company.
Time-based forms: The second-best Captcha alternative
How time-based forms work
We’ve made your life easy with formX’s anti-spam feature
Leave a Reply