Coding Passion

The people that are currently working on OpenID have come up with a new problem with the protocol: bots. You know those annoying programs that create hundreds of accounts and just spread spam and hatred all over the net? Well the usual way to keep clear of bots is adding a CAPTCHA to the site, but that would be a step backwards for OpenID. You see OpenID is all about Single Sign-On, easy registration and just plain easiness, while Captchas add a stop in the word flow, an undesirable interruption. Why require users to enter them over and over and over again? That’s exactly where BotBouncer comes into play:

I’m excited to announce BotBouncer.com which is a free service that we’re releasing today. BotBouncer allows sites to verify that an OpenID has successfully entered a CAPTCHA. BotBouncer works as web service that sites can subscribe to with a unique API key. As users login to an OpenID enabled site that site can query BotBouncer to see if that OpenID has entered a CAPTCHA. If they have, it quietly logs in the user via the existing OpenID process. If it doesn’t, the user is sent to a page where they must enter a CAPTCHA. Once they have successfully entered the CAPTCHA, they are redirected back to the page from where they came from.

I personally like BotBouncer, it adds an extra Karma Point to my account, now I can prove that I’m human once and never bother again. I wouldn’t rely only on BotBouncer though, because it requires you to trust BotBouncer, no big deal there, but most importantly you’d close out everybody that hasn’t registered with it. Just add a Captcha for users that haven’t yet registered with BotBouncer. [via Kveton.com]