Implementing CAPTCHA

Forum|Forum|11 years ago
July 12, 2014
2 replies
1667 views

Hi,

Currently, the application is using Cold Fusion 9. Soon to upgrade to Cold Fusion 10 or 11.

I would like to implement CAPTCHA on the login page.

Is there any information on how to implement CAPTCHA in Cold Fusion?

Thanks,

Mike

This topic has been closed for replies.

Correct answer Endboss_ZA

tribule wrote:

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

This is a far better strategy than the Captcha itself.

Alternatively you can use a hidden field and not submit the form if it has any data in it (as bots generally fill in everything, hidden or not)

T

tribule

Legend

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

E

Endboss_ZACorrect answer

Inspiring

tribule wrote:

We use simple sum captchas now e.g. "what is X+Y". Saves using cfimage tags. We find this much easier.

This is a far better strategy than the Captcha itself.

Alternatively you can use a hidden field and not submit the form if it has any data in it (as bots generally fill in everything, hidden or not)

T

tribule

Legend

I have found that bots overcome hidden fields and don't forget bots can submit to remote pages in isolation, so you should always check for submissions for referrers or IP addresses as best practice as well. The best sort of summation (x+y) captcha is to create two random number variables (x and y), add them together and perhaps also add another random value on to to this, also kept in memory, perhaps a application variable known only to the server, encode the whole sum (base 64 would be ok to overcome most bots, but you could hash it with better encryption functions in CF if you wanted). Then when user submits the answer, you decrypt your answer with the application variable key, and then compare them. If they match, the user is most likely human! Image captchas are a pain since they are often so complex they drive users mad.