Jump to content

Poor question for anti-bot protection


Recommended Posts

When signing up for the forum, I was prompted with the following question as an anti-bot protection (in addition to Google's "I am not a robot" checkbox):

"On what day is the 4th of July?"

There are at least a half-dozen different answers that could possibly be given for this, none (or all) of which are wrong, depending on your perspective.

Do you want a day of the week? Because it changes every year. Do you mean this year? Next year?

Are you asking for the US holiday name? Because that's only in effect for the United States.

Do you just want "July 4" expressed in some different way? Obviously not, because that's what I entered and it flagged it as wrong.

This "security" question doesn't prove anything about your users.

Fortunately, after getting that one "wrong" it switched to a different question that I could actually answer.

Link to post
Share on other sites

On 12/17/2017 at 8:53 PM, Matosawitko said:

When signing up for the forum, I was prompted with the following question as an anti-bot protection (in addition to Google's "I am not a robot" checkbox):

"On what day is the 4th of July?"

There are at least a half-dozen different answers that could possibly be given for this, none (or all) of which are wrong, depending on your perspective.

Do you want a day of the week? Because it changes every year. Do you mean this year? Next year?

Are you asking for the US holiday name? Because that's only in effect for the United States.

Do you just want "July 4" expressed in some different way? Obviously not, because that's what I entered and it flagged it as wrong.

This "security" question doesn't prove anything about your users.

Fortunately, after getting that one "wrong" it switched to a different question that I could actually answer.

Hi, @Matosawitko,

From where I sit I can easily understand where that could (and probably does) cause confusion for those who are not familiar with the date dedicated to celebrating the American Independence.  I'm sure there are other questions in there that would stymie both domestic (I am in the US as well) and international customers and members.

However, as you also noted, as soon as you got the wrong answer it gave you another opportunity with another question.  I believe that the Webmaster has set this up like this so that in situations like this you will not be asked 3 culturally-centric / nationally centric questions back to back, thereby allowing for all sorts of questions that many different types of users (from complete novices to the complete experts) to be able to answer.

In fact, I'm not even sure that it is limited to 3, it might have a larger limit before rejecting out of hand the registration attempt.  But if you consider the fact that there are bots and malicious groups and organizations out there trying their best to hack into different systems all over the world, well, you'd better understand why you have to get pretty specific with questions such as that to help alleviate the attacks a company like this faces on an almost daily  basis.  If every question was, say ,something you would think everyone in the world could answer, such as a simple mathematical result, then a bot would be able to easily compile a table of answers and start trying to break the verification method that much more quickly.  By asking more relevant, more 'human' questions, yes, it precludes groups of people from knowing the answer - but at the same time it also strengthens the security attached to registration.

All in all, if it did not switch to a different question, I would be concerned.  But since it did, I think you (and all other non-US-based customers and members) are OK in being able to sign up.

(Note:  I am neither am employee nor have I received any compensation from Malwarebytes, and thus the above may not be at all correct / may not be along the lines of company policy.  It is mostly just conjecture on my part).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.