Stop using Captchas that Can be Broken with Two Lines of Code

Captchas are the de facto bot-prevention technique and they are everywhere on the web, but I am surprised how much people overestimate the difficulty of breaking one. Here are some that I have encountered.

It doesn't take rocket science to convert them to text. In fact, only two free tools are needed: Tesseract and ImageMagick.

convert captcha.jpg -threshold 5% a.jpg

Adjust the threshold value to get a binary image with no noise.

tesseract -l eng a.jpg text

This will create a “text.txt” file with the captcha text in it.

I ran a test on the effectiveness of these commands and the success rate was nearly 9 / 10, clearly implying that weak or, better said, made-from-scratch captcha implementations are as good as having none at all.
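A check a site owner can run against their own captcha generator, added here as an example and not part of the original post: given a rendered image and the generator's known glyph mask, it sweeps every global cutoff (the operation `-threshold` performs) and reports whether one of them isolates the text. The grid format, the `render` helper and the 0.9 limit are assumptions, and the sample image is constructed.

```python
# Added example: does one global threshold strip all the noise from a captcha?
# Images are rows of grayscale values, 0 (black ink) to 255 (white).

# Constructed sample: a 5x5 "H" glyph; '#' marks the ink the generator drew.
GLYPH = ["#...#", "#...#", "#####", "#...#", "#...#"]
MASK = [[ch == "#" for ch in row] for row in GLYPH]

def render(noise_level):
    """Hypothetical generator: ink=0, checkerboard noise, white background."""
    return [[0 if MASK[r][c] else (noise_level if (r + c) % 2 == 0 else 255)
             for c in range(5)] for r in range(5)]

def binarize(img, cutoff):
    """Global threshold: every pixel darker than cutoff counts as ink."""
    return [[px < cutoff for px in row] for row in img]

def iou(mask_a, mask_b):
    """Intersection-over-union of two boolean masks (1.0 = identical)."""
    inter = union = 0
    for row_a, row_b in zip(mask_a, mask_b):
        for a, b in zip(row_a, row_b):
            inter += a and b
            union += a or b
    return inter / union if union else 1.0

def best_threshold(img, glyph_mask):
    """Sweep all cutoffs; return (best IoU, cutoff that achieved it)."""
    return max((iou(binarize(img, c), glyph_mask), c) for c in range(1, 256))

def threshold_breakable(img, glyph_mask, limit=0.9):
    """True if some single cutoff recovers the glyphs almost exactly."""
    score, _ = best_threshold(img, glyph_mask)
    return score >= limit

if __name__ == "__main__":
    for level in (160, 0):  # light-grey noise vs. noise as dark as the ink
        score, cutoff = best_threshold(render(level), MASK)
        verdict = "FAIL: noise removable" if score >= 0.9 else "pass"
        print(f"noise={level:3d} best IoU={score:.3f} at cutoff={cutoff} -> {verdict}")
```

A "pass" here only rules out the single-threshold cleanup described above; it says nothing about other preprocessing.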
