Search >>

Are your online forms secure?

Aug 27, 2008 by Marissa Berger

If your website has an unprotected contact form, sign-up form or guestbook, you are asking for trouble. Websites large and small, old and new, popular and rarely visited—all are at risk. You need to protect the data your clients provide!

What is the problem?
Internet robots (aka “bots”) find web forms and maliciously interfere with them. Bots can send thousands of spam emails through otherwise respectable web forms. Bots can also fill in the forms, signing up for e-mails, and even ordering the services and products you offer. Some bots use virus-laden attachments to get into forms to steal users’ passwords and credit card details.

Here’s how to tell if your web form is—or isn’t—protected.
Protected forms include a graphic of distorted characters, which the user must decipher and correctly type into a special field. Bots can’t decipher these distorted characters; only real live people can. The graphic looks something like this:

captcha_01

Sample of CAPTCHA online form security.

Unprotected forms can’t prevent bots from entering data in the form’s standard fields. The data is often “garbage” similar to the graphic below. If your database is collecting such nonsense, your unprotected form has been accessed by bots.

captcha_02

Sample data from unprotected form.

What is the solution?
CAPTCHA is the solution. The acronym CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart.” It is pronounced—not coincidentally!—almost like the word “capture.”

CAPTCHA validates that the information being entered on the web form is from a real, live human and not from some automated program. Only a human can decipher the distorted characters on the screen and type them in for verification.

Adding CAPTCHA protection to your web forms will stop many bots and make it tougher for other bots to access or use your forms.

Protect your online forms now. Adding CAPTCHA to your web forms is not a complicated task for your web developer. You can see live samples on our main MB/I site (www.marissaberger.com). We have added them to all of our forms, no matter how many fields they each have.


Like this article? You may want to read:

Category: Tips & Techniques

Tagged: , , , , , ,

Permalink

2 Responses

  1. Daniel says:
    July 13, 2009 at 10:55 pm

    Thank you for this helpful article.

  2. 3 Kinds of CAPTCHA - The Gold Mine says:
    August 2, 2011 at 2:55 pm

    [...] CAPTCHA is especially useful for protecting your online forms, though it can also be helpful in keeping spammers from hijacking your blog, forum, or sign-up procedures. [...]

Leave a Reply

Welcome to The Gold Mine

The Gold Mine is a blog developed by MB/I to assist site owners with the process of developing and maintaining a website. MB/I is a full-service web development company building websites since 2000.

Follow MB/I in: