Last modified: 2010-11-01 18:53:55 UTC
It would be good when we had captcha phrases in other scripts. Combine this with a script selector and we have much improved usability while maintaining this security feature. PS We have plenty of words in all scripts.. it is a matter of obfuscating them enough. Thanks, GerardM
I bet 99% of captcha crackers can't even *begin* to analyse non-latin scripts. There's probably a significant increase in security to be had from opening up the character set used in the captchas.
(In reply to comment #1) > I bet 99% of captcha crackers can't even *begin* to analyse non-latin scripts. > There's probably a significant increase in security to be had from opening up > the character set used in the captchas. I don't see how, unless you start giving non-latin captchas to everyone, in which case we will quickly find outselves without any new accounts...
OK, let me see... English Wikipedia.. Latin Captcha, Hindi Wikipedia.. Devangari Captcha, Russian Wikipedia.. Cyrillic Wikipedia. That was not so hard? Hmmm suppose I want to start a profile on a Wiki with an "other" script... eh Single User Logon to the rescue !!! YEAH We might even have a drop down box to select the script of the Captcha.. I wonder, how many more people we will gain with this approach... actually nobody who does the Latin script!!
(In reply to comment #2) > (In reply to comment #1) > > I bet 99% of captcha crackers can't even *begin* to analyse non-latin scripts. > > There's probably a significant increase in security to be had from opening up > > the character set used in the captchas. > > I don't see how, unless you start giving non-latin captchas to everyone, in > which case we will quickly find outselves without any new accounts... > If you give a Cyrillic captcha on ruwiki, that means only spambots that can read a cyrillic captcha (or who can navigate the vagarities of CentralAuth) can spam on ruwiki. Ditto for every other wiki on which we can serve a non-latin captcha. No, it doesn't provide increased security on say, enwiki, because we need to continue to serve latin captchas there, but wherever we *can* serve captchas in other scripts, we get improved security.
You do not get it. You want a Cyrillic captcha for those languages that are written in Cyrillic. This has nothing at all to do with en.wiki because there we only need to server a Latin captcha. People who use another script are likely to create their user on a wiki with that other script. Thanks, GerardM
(In reply to comment #5) > You do not get it. {{fact}} >You want a Cyrillic captcha for those languages that are > written in Cyrillic. Yup >This has nothing at all to do with en.wiki Nope. That's why I said in comment 4 that "it doesn't [add anything] on say, enwiki" >because there > we only need to server a Latin captcha. Yup >People who use another script are > likely to create their user on a wiki with that other script. Yup. And since most spambots aren't going to be able to read Cyrillic captchas, most spambots can't do that. Ergo, improved security. Yes, the security increase is weakened by CentralAuth, but that doesn't mean there isn't a security increase. We'd be giving captchas that some spambots can't read (and improving accesibility at the same time). How can that be a *bad* thing?
I think that this bug can be merged with Bug 5309.
(In reply to comment #7) > I think that this bug can be merged with Bug 5309. I agree. *** This bug has been marked as a duplicate of bug 5309 ***
