CAPTCHAs is Turing test are used to distinguish whether a user is a human or a computer. Till today huge number of CAPTCHA schema have been suggest or put forth and applied on miscellaneous websites to secure online services (SOS) from automated decaptcha programs. So development of a good CAPTCHA scheme that is both secure by automated recognition and human usable is an important research prob...

In this article, we’ve tried to examine the hypothesis of the robustness of a form by using CAPTCHA against CSRF and login CSRF attacks. Our investigations showed that unlike public opinion, common attacks to bypass CAPTCHAs such as Optical Character Recognition (OCR) and 3rd party human attacks are not applicable in the CSRF case and instead, Clickjacking is the most important scenario of CSRF...

A Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a widely used security mechanism for constructing a high-confidence proof that the entity interacting with a remote service is actually a human being. Stimulated by the facts that: a) nowadays CAPTCHA challenges are solely based on the Latin alphabet, b) currently Internet population consists in its majori...

The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the ”user” is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web serv...

CAPTCHAs have become a standard security mechanism that are used to deter automated abuse of online services intended for humans. However, many existing CAPTCHA schemes to date have been successfully broken. As such, a number of CAPTCHA developers have explored alternative methods of designing CAPTCHAs. 3D CAPTCHAs is a design alternative that has been proposed to overcome the limitations of tr...

We propose a new construct, the Text-Graphics Character (TGC) CAPTCHA, for preventing dictionary attacks against password authentication systems allowing remote access via dumb terminals. Password authentication is commonly used for computer access control. But password authentication systems are prone to dictionary attacks, in which attackers repeatedly attempt to gain access using the entries...

The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, user tends to pick a passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. In this paper, we conduct a comprehensive survey of the existing graphical password ...

Abuse of free Internet resources and services from false account creation, to spam, to identity theft, excessive bandwidth usage, or even vote stuffing online polls is a big problem. The Completely Automatic Public Turing Test to tell Computers and Humans Apart (CAPTCHA) controls access to resources but automated systems are increasingly adept at overcoming them. In this paper a method of acces...