Site security CAPTCHA authentication code is easy to identify

Internet security company Imperva recently discovered, called "CAPTCHA" query / response technology can easily be identified. The verification code is written by a computer program, and its ultimate purpose is to distinguish between a person and a computer. Imperva’s report says, "one of its inherent flaws is the ability to recognize an artificial attack. Therefore, a verification code does not play a role in protecting the security of the site."

in addition, there is a drawback is that some of the code may not be well identified, resulting in some people can not be verified. In order to solve this problem, Imperva suggested that you can use some mini games to replace the identification code.

 

Imperva report file: (PDF download http://s.imperva.com/docs/HII_a_CAPTCHA_in_the_Rye.pdf)

Leave a Reply

Your email address will not be published. Required fields are marked *