We are living in a sea of web where every kind of creator is flourishing and many are actually harmful to us. They constantly put threats for us in many forms. Some are attempting to degrade, defile, compromise, shut down, or simply take advantage of your Web presence. You have to fight back with security patches, input validation checks, encryption, running with least privilege, reducing possible attack surface, and a myriad of other secure coding techniques.
Attackers are using same machine we use and that is a computer. It has great power to create as well as to destroy. They use power of destroy and can harm us many ways. For instance you have set up an inquiry page on your site. One day attackers attack on your site and generate thousands of false inquiry in your mail box through inquiry page of your site. In other instant you have an ecommerce website and there is separate provision for user registration. One day you found that there are few thousands users were registered at a time! This is work of Spambots and they are ubiquitous. They fill forms on web sites, send SMS via web-interface, take part in online polls, they just do all those things you expect from a real human. In all such circumstances you will have painful experience and you will think of a device which can recognize users as human being. Means you need to differentiate machines from human beings.
In 1950 Alan Turing has devised a test where human differentiating between computer and human. He put human in one room and machine in another room and asked some question. Based on those questions he recognized human from the computer. The sharp reverse thing occurs in our case where a machine has to recognize a human from computer. Therefore, later on many worker has contributed in this work and developed a system that is called “Completely Automated Public Turing Tests to Tell Computers and Humans Apart,” or CAPTCHA. In 2000 Ahn and Blum from Yahoo had presented a paper on CAPTCHA in which they had distorted some words and images such a way that only human can recognize it. Later on researchers from Microsoft has done admirable work for CAPTCHA and proposed a set of HIP design guidelines that assure that a HIP puzzle is both secure and usable.
To have a good puzzle is a key to success in CAPTCHA. There are lots of devices available to form CAPTCHA like Texts, images, Texts and images both, ASP DOT NET CAPTCHAs are available in the market. You can get it either free or paid. Here is list of great commercial solutions.
BotDetect ASP DOT NET CAPTCHA
It is specially design for ASP DOT NET forms. It has many good features like:
• 50 different CAPTCHA algorithms
• Audio CAPTCHA support
• Built-in ‘Reload CAPTCHA’ button
• ASP DOT NET Ajax, ASP DOT NET MVC and ASP DOT NET control frameworks (from Telerik and other vendors) compatible
• Custom CAPTCHA image size
• JPEG, GIF, PNG and BMP CAPTCHA image formats
• Custom CAPTCHA code length
• Choose between alpha, numeric and alphanumeric CAPTCHA codes
• Validates properly when pages with CAPTCHA are simultaneously open in multiple browser tabs
• Produces XHTML 1.1 Strict and WCAG compliant markup
• Visual Studio DOT NET 2008, 2005 and 2003 Designer support
This CAPTCHA has been designed to protect forms from the spambots that are processed using ASP (Active Server Pages) scripts.
• Does not require external components, ActiveX components or additional installations into your web Server. All the code is 100% standard ASP.
• When the user enters a wrong CAPTCHA code and is taken back to the form, all the fields are refilled automatically, this avoid the retyping of the entire form data again. You don’t need extra steps to get this feature and the forms are refilled automatically even on static HTML pages.
• You can adapt the CAPTCHA appearance to match your web site design.
• No hand coding required. You can do everything from Dreamweaver in design mode.
This server provides CAPTCHA images you can use in html-forms. CAPTCHA images can prevent forms to be used by robots.
This is an image based solution. It can protect your site, webpage, forms, etc from malicious programs. Against the text based services it is easier to use and it is free too.