Page 1 of 1
OT and FYI: Article on security logons
Posted: Wed Jun 20, 2012 10:46 am
by RoryOF
Re: OT and FYI: Article on security logons
Posted: Wed Jun 20, 2012 9:34 pm
by Hagar Delest
Re: OT and FYI: Article on security logons
Posted: Thu Jun 21, 2012 2:36 am
by kingfisher
There are some captchas that require many attempts to get right. I found a novel approach on the Chakra registration page. Unfortunately I forgot to copy the url of that page after logging out but you should be able to see a link to it by loading
the bbs page.
I am attaching a snapshot. I was fooled and I'm not a bot.
Re: OT and FYI: Article on security logons
Posted: Tue Jul 10, 2012 5:41 pm
by TerryE
Once we require the users to enter their OpenOffice version and check that the response contains "office" and "2." or "3." we have eliminated all generic phpBB registration attack bots. Yes, it is easily susceptible to specific-to-this-forum coded attack, but I very much doubt that any attacker will go to this effort for a single forum with our usage patterns and volumetrics.
So most of our successful registration attacks employ cheap sweat-shop labour. This type of human attach will easily defeat this type of security measure.