the best alternative they can provide for captcha is OTP. I just visited the income tax website to link my apan card with adhar card. they have this option. I easily linked my pan card with the help of OTP. I loved it. I think IRCTC, UIDAI, and all others should adopt this idea.
On 8/8/17, Kotian, H P via Ai <ai@accessindia.inclusivehabitat.in> wrote: > Hi Alok > > Just to bring to your attention, there is a security challenge in this > approach. > CAPTCHA is essentially used to fight against Bots and to prevent them from > guess the CAPTCHA. > As I see, you have the words placed in Alt text. It is not a big deal to > read the alt dext fromDocument object and convert the numbers in words back > to numerals. > > Check it out. > > Harish. > > > From: Ai [mailto:ai-boun...@accessindia.inclusivehabitat.in] On Behalf Of > Alok Kaushik via Ai > Sent: Tuesday, August 8, 2017 8:49 AM > To: ai@accessindia.inclusivehabitat.in > Cc: Alok Kaushik <alok.li...@gmail.com> > Subject: [Ai] For software developers - creating custom accessible CAPTCHA > > Hi, > In one of my recent software development works I created a CAPTCHA that is > accessible for screen readers using the following approach. > > > 1. Generate a random 5 digit number. > > 2. Generate an image containing the embedded 5 digit number. Image is > programmatically generated and is not an image that could be downloaded. 5 > digit number is communicated to the captcha generating code using > encryption. > > 3. Convert the complete 5 digit number in English words, including the > words thousand and hundred. > > 4. Assign the converted number in words as the alternate text of the > image dynamically. This would allow the screen readers to read out the > number in words, while other users will see regular image. > > 5. Track the random number as a session variable for later > comparison. > > I am writing this for following two reasons. > > 1. This approach seems to be working for me. Want to know if anyone > sees any issue in this either in usability or security. > > 2. If anyone doing software development is interested in implementing > this, I can share the code off the list. > > Thanks. > Alok > > > ________________________________ > > Caution: The Reserve Bank of India never sends mails, SMSs or makes calls > asking for personal information such as your bank account details, > passwords, etc. It never keeps or offers funds to anyone. Please do not > respond in any manner to such offers, however official or attractive they > may look. > > > Notice: This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they are > addressed. If you are not the intended recipient, any dissemination, use, > review, distribution, printing or copying of the information contained in > this e-mail message and/or attachments to it are strictly prohibited. If you > have received this email by error, please notify us by return e-mail or > telephone and immediately and permanently delete the message and any > attachments. The recipient should check this email and any attachments for > the presence of viruses. The Reserve Bank of India accepts no liability for > any damage caused by any virus transmitted by this email. > -- gatak singh QA test engineer at VMware India pvt. ltd. Email: gataksingh.gurud...@gmail.com gutta...@vmware.com WhatsApp: 9980948679 skype: gatak.guru facebook: https://m.facebook.com/gatak.singh?ref_component=mbasic_home_header&ref_page=%2Fwap%2Fhome.php&refid=8 twitter: https://twitter.com/gataksingh youtube: https://www.youtube.com/channel/UCzlwwCd3JSGJC3eyn7i1HeQ Disclaimer: 1. Contents of the mails, factual, or otherwise, reflect the thinking of the person sending the mail and AI in no way relates itself to its veracity; 2. AI cannot be held liable for any commission/omission based on the mails sent through this mailing list.. To check if the post reached the list or to search for old posting, reach: https://www.mail-archive.com/ai@accessindia.inclusivehabitat.in/maillist.html _______________________________________________ Ai mailing list Ai@accessindia.inclusivehabitat.in http://accessindia.inclusivehabitat.in/mailman/listinfo/ai
