CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". As the acronym suggests, the main reason of using CAPTCHA is to tell computers and human apart. It is a challenge-response test used to ensure that the response is not machine generated. CAPTCHA comes in many forms, some are more popular than the others
  1. Text based captchas in which the user sees an image displaying letters or numbers and is asked to type what he sees
  2. Image recognition captchas which display some images and asks questions about their content. Microsoft Assira is an example
  3. 3D captchas which display come complex computer generated 3D graphics scene and asks about the 3D details and contents

Image recoginition and 3D recognition try to impose more difficulty on computer programs that try to break CAPTCHAs.

reCAPTCHA is one of the CAPTCHA efforts. It also tries to solve another problem in addition to fighting spam. It tries to improve the process of digitizing books by sending words that cannot be read by computers to the Web in the form of CAPTCHAs for humans to decipher. The question that popped immediately in my mind was how does that reCAPTCHA verify the answers if it’s using images of words that the computer couldn’t really figure out what they were while scanning them. The answer is simple: it display two words at a time, one word can be easily verified and for the other word, your solution is taken to be a suggestion for that word. That word is used many times in different CAPTCHAs and eventually many people will suggest the same thing.

Currently, reCAPTCHA is recommended as the official CAPTCHA implementation by the original CAPTCHA creators.

This way reCAPTCHA not only helps you to fight spam but also gets you to participate into a good cause like digitizing the world’s books.

Using reCAPTCHA in your Rails application is so easy thanks to the recaptcha plugin. This plugin gives you 2 main methods that you can use in your application

  1. recaptcha_tags which should be used in the view in your form.
  2. verify_recaptcha which should be used in the controllers to verify the user’s answer

You should register at reCAPTCHA to get your public and private keys which are required by the plugin. The plugin requires that you define them as Environment variables.
recaptcha_tags accepts an options hash which can define the public key with :public_key so that it doesn’t look in your environment variables.
verify_recaptcha – which uses the private key – doesn’t provide a way for you to pass the private_key.

I’ve forked the plugin here and modified verify_recaptcha such that it now accepts an options hash – like recaptcha_tags – which allows you to define :private_key which will be used instead of looking into the environment variables.

Fight spam, help in digitizing books, use reCAPTCHA !

update: I sent a pull request to the guys over at http://github.com/ambethia/recaptcha to include my changes. Peter Abrahamsen replied and after a couple of messages we modified the plugin such that we no longer need to set the public and private key in any environment variables.  We also added a toggle to enable/disable the plugin. We can use the plugin as follows now

  Ambethia::ReCaptcha.enabled = true
Ambethia::ReCaptcha.public_key = '0123456789ABCDEF'
Ambethia::ReCaptcha.private_key = '0123456789ABCDEF'

If the toggle is set to false the recaptcha_tags will return nothing and the verify_recaptcha will always return true meaning that the recaptcha code does nothing which is what we want in case of disabling it.