CAPTCHA: Difference between revisions
clarify headline, cat: common terms |
→Alternatives: biometric auth (not securit) |
||
| Line 19: | Line 19: | ||
#Temporary tokens - after a user passes a CAPTCHA, a token is accepted onto the user's device allowing them to use the associated webservice for a fixed amount of time. | #Temporary tokens - after a user passes a CAPTCHA, a token is accepted onto the user's device allowing them to use the associated webservice for a fixed amount of time. | ||
#Multi-factor authentication - using a pre-arranged secondary device to independently authenticate identity. | #Multi-factor authentication - using a pre-arranged secondary device to independently authenticate identity. | ||
#Biometric | #[[Biometric authentication]] - facial recognition, fingerprint, retinal scan. This would only be acceptable in an institution with very high security requirements. | ||
<blockquote>"Users should not be forced beyond what is strictly necessary to keep a site secure, e.g.,/ if a honeypot suffices, use a honeypot until evidence of robotic attacks dictates something else." - W3C<ref name=":1" /></blockquote> | <blockquote>"Users should not be forced beyond what is strictly necessary to keep a site secure, e.g.,/ if a honeypot suffices, use a honeypot until evidence of robotic attacks dictates something else." - W3C<ref name=":1" /></blockquote> | ||