On Sun, Jan 20, 2013 at 1:22 PM, David Gerard <dgerard(a)gmail.com> wrote:
The MediaWiki captcha is literally worse than useless:
it doesn't keep
spambots out, and it does keep some humans out.
(I was just reminded of this by a friend I lured into joining
Wikivoyage - who can see and is highly literate, but found the captcha
Why are we still using this?
This question is something we've also been asking ourselves on the E3 team,
as part of our work on account creation. I think we all agree that CAPTCHAs
are at best a necessary evil. They are a compromise we make in our user
experience, in order to combat automated attacks.
If anyone is interested in seeing how CAPTCHAs impact users first hand, you
should definitely watch the remote user tests we did at
at least scan the notes. Those highlighted for us that, even in the
nicer looking new version we built, the CAPTCHA is a pain in the ass.
To get more numbers on how much taking away the CAPTCHA might gain us in
terms of human registrations, we have considered a two hour test (to start
with) of removing the CAPTCHA from the registration page:
kind of test would probably not be an accurate measurement of what kind of
spam would be unleashed if we permanently removed it, but the hourly volume
of registrations on enwiki is enough to tell us the human impact.
There are other, easier things we can do to make this issue far less worse,
if we can't remove it entirely without lots of rigorous testing...
One thing we recently did was simply regenerate the images with font
rendering that is easier to read for people; our system for generating
CAPTCHAs is arcane to my eyes, but Aaron Schulz was able to accomplish that
without much headache.
The other thing in the works is adding a refresh button to the CAPTCHAs,
which if done correctly could make a huge difference IMO:
That patch still needs UI
improvements and testing, but any help would be most welcome.