Captcha

There are few things in the world that I hate too much. One such thing is to prove a stupid computer that I am really a human , not a bot. The way we have to prove it, is so much annoying. Most of the time we have to read some distorted letters and enter them to a text box. This text is called a "CAPTCHA". "CAPTCHA" stands for "Completely Automated Public Turing test to tell Computers and Human Apart". This is a kind of Turing test. Instead of administrated by a human and targeted at a machine "Captcha" is administrated by a machine and targeted for a human. The "Captcha"s are used for variety of purposes. The main purpose is to stop spams and automated votes in voting systems. Most of the time we encounter these while registering to a website or posting a comment on a blog post. Also sometimes we have to fill a "Captcha" if we incorrectly entered a password several times.  

But I feel this has become a very annoying thing to most people. Some of the "Captcha"s are really unreadable. It is interesting to know whether there are any data available on the time that is wasted due to these "Captchas". Thus the balance between the security and the user friendliness should be maintained by carefully selecting when to use "Captcha"s and their hardness to solve .

How Secured is Your Security Question ????

You may have seen different kinds of questions such as "What is your library card no ?" , "what is your mothers birth town ?", while registering for an online account.These questions are used in password recovery processes and additional sign in verifications. Normally we all care about our passwords and worry about the security of the password.

But do we really care about these security questions ? It seems most of us don't care much about these.Most of the time we give our real details as the answers to theses questions and simply forget about the security question.Even I was unaware of security questions selected for my email address until i decided to write this post.The most surprising thing is that I can't come up with the correct answer for those questions.I think this is common between most of us.We really DON'T CARE about those.

But in reality this is a great security risk.Even if you have a very good password that can not be guessed easily,you may be vulnerable to security threats.It is like locking the front door while leaving the backdoor open.The confidentiality of the answers for a security question will be far less than a password.If some one asks you a password you probably wont tell.But if some one asks you the birth town of your mother you may answer it.Also most of the details that are asked in security questions can be found publicly or can easily be guessed.That is what happened with the email account of Sarah Palin the vice president candidate during 2008 elections.

A good security question should have a answer which can be easily memorized, which is not publicly available and which does not change overtime. Further the possible number of answers for the question should be very large so that it can not be guessed. There are some websites which offers good security questions. But it is worth to note that the goodness of the question depends on the expected answer as well.