Captchas are a standard defense on commercial websites against undesirable or malicious Internet bot programs, but widely deployed schemes can be broken with simple but novel attacks. Applying security engineering expertise to the design of Captchas can significantly improve their robustness.
CAPTCHA (or Human Interaction Proof) is now almost a standard security technique for defending against undesirable or malicious bot programs on the Internet. However, the robustness of CAPTCHAs has so far been studied mainly just in communities such as computer vision, and document analysis and recognition. This paper motivates a security engineering… (More)
The use of colour in user interfaces is extensive. It is typically a usability issue, and has rarely caused any security concerns. In this article, we show that the use of colours in the design of CAPTCHA, a standard security technology that has found widespread applications in commercial websites, can have interesting but critical implications on both… (More)