Does CAPTCHA help commenters feel safe?

Posted At : October 25, 2008 7:22 AM
Related Categories: ColdFusion

A couple of people in our community have ditched CAPTCHA recently to give CFFormProtect a try (Dan Wilson and Jason Dean). I'm glad I could help out some fellow CFers. :)

However, this got me thinking...what if you are commenting on a blog and you are afraid of getting spam from that blog sent to you? CFFormProtect allows the blog author to give you a plain comment form which appears to be devoid of protection. So I'm wondering...would this perceived lack of protection possibly scare commenters away from your blog? I don't know, but if so maybe we should have some text in the comment form like "This form is protected by invisible spam prevention", or something along those lines? What do you guys think?

Comments (10) | Print | del.icio.us | Digg It! | Linking Blogs | 847 Views
Comments
[Add Comment]
Personally although I might use cfformprotect if I maintained the code for my own blog (I don't, it's the riaforge copy of blogCFC that Ray maintains), I wouldn't use captcha either. For myself I'd prefer to use moderation and send comments to my own email with a link to either delete or approve in the email, so that my interface to the comments would be essentially all in the email. That would help on my end by reducing my maintenance overhead. As it is even with the captcha I still have to manually log in (to 2 different blogs even) and delete spam, which I do on a daily basis. Lately they've become pretty persistent and I've seen a given blog entry with 5-8 spam posts in spite of the captcha. Ray could of course make the captcha more complex (I think it's only 2-3 characters) but long captchas are problematic for the people who post. Fortunately I don't think there are many blind users wanting to post on my blogs, since it doesn't have an audio option.

I'm honestly not sure what people think of the captchas or lack thereof... I know that a number of people get upset when they see a captcha on MySpace (which I don't use, but Tiffany does). It may depend quite a bit on the group of users in question. Though my gut feeling is that people posting the comments are apt to be more annoyed by the captcha than they would be concerned about comment spam. But the only information I have to back that up is anecdotal.
# Posted By ike | 10/25/08 9:18 AM
Thanks for the insight, ike. To me, moderation is just as annoying as Captcha (from the user's perspective). Captcha is annoying, but if you can get past that you at least see your comment immediately. I think there is a bit of satisfaction seeing your comment appear on someone else's site...it's all part of the "Semantic Web" Tim Berners Lee has been talking about for years. Moderation gets in the way of that, but I will not question it's effectiveness at stoping spam, which is 100%.
# Posted By Jake Munson | 10/25/08 10:21 AM
From my perspective, I'm less likely to participate in Blogs that moderate. Partly because I am robbed of the Instant Gratification of my comment posting, and partly because in the past I've had perfectly good comments rejected just because the comment contradicted the blog owners article, I am less excited to post on moderated blogs. These days, I quite often abandon my comment and just don't bother.


Another downside of moderation is it slows down the conversation on blog articles. The comment conversation is where all the good bits are.....
# Posted By Dan Wilson | 10/26/08 8:40 AM
I agree with Dan. I hate waiting for my comment to get moderated so that someone can respond to it, only to then have to wait for their comment to get moderated.

Personally, as a commenter I don't give two shakes about whether or not a blog is using CAPTCHA. If I start getting too much spam from a thread, I will unsubscribe. As an accessibility proponent, I HATE CAPTCHA and I was VERY glad to hear about cfformprotect.
# Posted By Jason Dean | 10/26/08 2:04 PM
I've used CFFormProtect for almost two years now and it has only given me one false positive - meaning a certain spam-mail would get through. Then I've had a couple of people complaining they couldn't comment - it was due to the very short comments and words used. But it has saved me from deleting thousands and thousands of spam-mails. My blog gets bitten my bots regularly and without the overhead of deleting spam I actually get things done ;-)

We use CFFormProtect in all our company websites as well for all the websites of our customers. Furthermore I push it everywhere I go and comment - especially if there's a CAPTCHA present. I really hate those darn things! Use CFFormProtect instead!

I also feel a certain short informative message would be appropriate for the "clean" and "naked" CFFormProtect forms, but I'd let every user of the functionality decide whether or not to implement this.
# Posted By Sebastiaan | 10/26/08 11:30 PM
This part of your post struck me as funny: "you are afraid of getting spam from that blog sent to you". I mean if you have an email address, you get spam. Even if you never put it out there on a blog or whatever, some random email address generator is going to find you. Anymore I just rely on the spam-catching abilities of my email software (gmail, outlook, whatever) to help in this area.
# Posted By Matt Williams | 10/27/08 6:51 AM
Sounds like most agree that getting spam from a blog is not really a big concern for most folks. I was thinking along the same lines, but I wanted to get your opinions as well. Thanks for the feedback!

By the way, I have had a few users lately say that they can't get CFFP to work for them, so I am glad to hear that so many people are having success with it. This leads me to believe that the problems others are having could be user (or implementer) error.
# Posted By Jake Munson | 10/27/08 8:23 AM
I watched your CFMeetup recording in which you mention CFFormProtect but didn't recommend using it since it hasn't been updated recently. The latest on RIAForge is July 26, 2007. Is there any reason not to use this version? (Thanks for presenting to the Meetup group. Very useful.)
# Posted By Pam Richmond | 11/21/08 2:16 PM
Pam,

Yes and no. The current version works fine, however I am on the verge of releasing version 2.0 with some bug fixes and a new version (I've integrated Project Honeypot, which I discussed in the CF meetup preso you watched). So if you have a pressing need, give it a try. If not, wait a couple of weeks and I'll have 2.0 ready.
# Posted By Jake Munson | 11/21/08 2:44 PM
Thanks, Jake. I'll look forward to the new version.
# Posted By Pam Richmond | 11/24/08 6:31 AM
[Add Comment]
BlogCFC was created by Raymond Camden. This blog is running version 5.9. Contact Blog Owner