WebAIM - Web Accessibility In Mind

E-mail List Archives

Re: CAPTCHA

for

From: Sailesh Panchang
Date: Nov 5, 2014 6:53AM

Please remember the informative guidance in the first para of WCAG 2.0:
"Although these guidelines cover a wide range of issues, they are not
able to address the needs of people with all types, degrees, and
combinations of disability."
A similar statement was present in WCAG 1.
So one tries to do the best and push accessible solutions as best as
one can in the circs. of the context / environment.
Regards,
Sailesh


On 11/5/14, Mallory van Achterberg < <EMAIL REMOVED> > wrote:
>> On 11/5/14, Tim Harshbarger < <EMAIL REMOVED> > wrote:
>> > Are there accessibility solutions for CAPTCHA's that work specifically
>> > well
>> > for users who are deaf-blind? Are there solutions that be combined
>> > with
>> > other accessibility solutions to try to improve the
>> > accessibility/usability
>> > disaster that CAPTCHAs seem to create? What kind of real world success
>> > have
>> > people had trying to solve the CAPTCHA accessibility problem? How many
>> > different ways can we solve this kind of problem?
>
> The "best" ways I have found are unfortunate for many webmasters
> because the "best" solution seems to be a combination of many
> things: honeypots *and* timers *and* IP-range-blocking *and*
> human moderation at some level.
>
> I think it was Karl Groves who posted a whole list of his arsenal...
> http://www.karlgroves.com/2012/04/03/captcha-less-security/
>
> Which, the questions then remain:
> - These have been effective for Karl, but would they work equally
> well for larger or higher-traffic sites?
> - How to bundle all these things into a single simple implementation
> (the reason anyone uses CAPTCHA at all is because it's a single
> programmatic thing one can add to a form)... if it's not easy or
> takes more resources, it won't be implemented (much)
>
> The largest question in my mind is, how do we separate legitimation
> from human-ness? Spammers are humans and illigitimate, scripts and
> bots are not human and sometimes legitimate. This is where CAPTCHA
> fails, on top of incidentally blocking real and legitimate humans
> who miss something which, honestly, is not uniquely human or necessary
> to define "human".
> Multi-auth might be one way, though then we're imposing hardware
> limitations (for example, my phone can't recieve SMS, and I'm not
> the sole weirdo, and email validation can be subject to filters and
> SMTP issues).
>
> _mallory
> > > >