CAPTCHA is Dead, Long Live CAPTCHA!

Interesting post on coding horror. 3 of the most well known CAPTCHA's are now broken - Google, Hotmail and Yahoo!

Wisdom comes from Gunter Ollman, he notes:

CAPTCHAs were a good idea, but frankly, in today's profit-motivated attack environment they have largely become irrelevant as a protection technology. Yes, the CAPTCHAs can be made stronger, but they are already too advanced for a large percentage of Internet users. Personally, I don't think it’s really worth strengthening the algorithms used to create more complex CAPTCHAs – instead, just deploy them as a small "speed-bump" to stop the script-kiddies and their unsophisticated automated attack tools. CAPTCHAs aren't the right tool for stopping today's commercially minded attackers.

Read more here.