If you saw the state of this blog when I posted my previous entry you have probably noticed it has had some things added to it; now the comment system is functional so you can easily tell me how much this blog sucks, I have also written a RSS feed writer so you can all subscribe to it.

While I was writing the comment system I realised I would need to implement a captcha to stop bots spamming it; for those who do not know, captcha stands for "Completely Automated Turing Test To Tell Computers and Humans Apart". An example of a captcha is the one currently being used in the comment system; it is an image that contains letters which have been manipulated to make it hard for a computer to recognize but easy enough for a human to make them out preventing bots from commenting... usually.

The problem with captchas nowadays is methods have been created for bots to pass them; these methods consist of well written algorithms to actual humans being hired to type the codes out manually all day. You are probably wondering why I am telling you all this, the reason is I have created my own captcha.

I wanted to see if I could create a captcha which is a lot harder to crack by a computer; I needed a way to represent a value using something which could be near infinite and never have similar forms like letters have since there is a limit to how many ways you can represent the letter A, so I came up with the idea of using randomly generated polygons and having the human type in how many sides it has. A shape with 6 sides for example can be represented in a huge number of ways.

To generate a polygon randomly I started by using a pseudo random number as the number of sides the polygon would have, the number of sides a polygon has equals the number of points it has so I knew how many random points I would need to generate to result in the correct number of sides. The points could not be placed anywhere, I needed a way to generate polygons which were recognizable by humans so there had to be some rules to follow, this is what I did:

For each point I started with the vector (0, 1)

I then generated two more pseudo random numbers; one representing the length of the vector and one representing how much the angle of the vector would be increased, the range of the random angle increment was based on how many points needed to be generated, the increasing angle could not pass over 360 degrees otherwise the polygon would not be rendered properly, I also had to control the length of the vector to stop the polygon becoming too large or too small.

As you can see after a few more iterations the points start to become spaced out and can create a well shaped polygon.

In the end I had the algorithm down but then reality hit me; even with 3 polygons being generated the amount of code combinations was very low since the sides of the polygons needed to be limited from 3 to 7 because no one wants to spend all day counting a 29 sided polygon. If I had 3 polygons which each had 4 possible values it comes to 4^3 = 64, that is not a lot of combinations! That means a bot has a 1/64 chance of guessing the code and posting a comment, that is not good.

I tried increasing the number of combinations by chucking in random symbols above the polygons; a random symbol would be selected and the user must only type in the sides of the polygons which have that symbol above them but it still was not enough, I just could not think of a way to increase the combinations even more without being unrealistic, after all that work the captcha well... didn't work.

Anyway just for the sake of completing it I made it generate a load of rubbish around the polygons and shapes to make it harder for a computer to work out the sides of the polygons, I have provided a working version of how far I got with it and would appreciate any comments with ideas on how a captcha like this could actually be pulled off.

The pointless captcha: Click here