absolutely agree with harish's point. it will be very big security
risk as it's very easy to retrieve the alt text of the images
programmaticly via bots and other manners.

On 8/8/17, bhawani shankar verma via Ai
<ai@accessindia.inclusivehabitat.in> wrote:
> it is already in IRCTC. in udai both captcha and OTP.
>
>
> -----Original Message-----
> From: gatak singh via Ai
> Sent: Tuesday, August 08, 2017 2:27 PM
> To: Share, empower &Enrich
> Cc: gatak singh
> Subject: Re: [Ai] For software developers - creating custom accessible
> CAPTCHA
>
> the best alternative they can provide for captcha is OTP. I just
> visited the income tax website to link my apan card with adhar card.
> they have this option. I easily linked my pan card with the help of
> OTP. I loved it. I think IRCTC, UIDAI, and all others should adopt
> this idea.
>
> On 8/8/17, Kotian, H P via Ai <ai@accessindia.inclusivehabitat.in> wrote:
>> Hi Alok
>>
>> Just to bring to your attention, there is a security challenge in this
>> approach.
>> CAPTCHA is essentially used to fight against Bots and to prevent them
>> from
>> guess the CAPTCHA.
>> As I see, you have the words placed in Alt text. It is not a big deal to
>> read the alt dext fromDocument object and convert the numbers in words
>> back
>> to numerals.
>>
>> Check it out.
>>
>> Harish.
>>
>>
>> From: Ai [mailto:ai-boun...@accessindia.inclusivehabitat.in] On Behalf Of
>> Alok Kaushik via Ai
>> Sent: Tuesday, August 8, 2017 8:49 AM
>> To: ai@accessindia.inclusivehabitat.in
>> Cc: Alok Kaushik <alok.li...@gmail.com>
>> Subject: [Ai] For software developers - creating custom accessible
>> CAPTCHA
>>
>> Hi,
>> In one of my recent software development works I created a CAPTCHA that
>> is
>> accessible for screen readers using the following approach.
>>
>>
>> 1.       Generate a random 5 digit number.
>>
>> 2.       Generate an image containing the embedded 5 digit number. Image
>> is
>> programmatically generated and is  not an image that could be downloaded.
>>
>> 5
>> digit number is communicated to the captcha generating code using
>> encryption.
>>
>> 3.       Convert the complete 5 digit number in English words, including
>> the
>> words thousand and hundred.
>>
>> 4.       Assign the converted number in words as the alternate text of
>> the
>> image dynamically. This would allow the screen readers to read out the
>> number in words, while  other users will see regular image.
>>
>> 5.       Track the random number as a session variable for later
>> comparison.
>>
>> I am writing this for following two reasons.
>>
>> 1.       This approach seems to be working for me. Want to know if anyone
>> sees any issue in this either in usability or security.
>>
>> 2.       If anyone doing software development is interested in
>> implementing
>> this, I can share the code off the list.
>>
>> Thanks.
>> Alok
>>
>>
>> ________________________________
>>
>> Caution: The Reserve Bank of India never sends mails, SMSs or makes calls
>> asking for personal information such as your bank account details,
>> passwords, etc. It never keeps or offers funds to anyone. Please do not
>> respond in any manner to such offers, however official or attractive they
>> may look.
>>
>>
>> Notice: This email and any files transmitted with it are confidential and
>> intended solely for the use of the individual or entity to whom they are
>> addressed. If you are not the intended recipient, any dissemination, use,
>> review, distribution, printing or copying of the information contained in
>> this e-mail message and/or attachments to it are strictly prohibited. If
>> you
>> have received this email by error, please notify us by return e-mail or
>> telephone and immediately and permanently delete the message and any
>> attachments. The recipient should check this email and any attachments
>> for
>> the presence of viruses. The Reserve Bank of India accepts no liability
>> for
>> any damage caused by any virus transmitted by this email.
>>
>
>
> --
> gatak singh
> QA test engineer at VMware India pvt. ltd.
>
> Email:
> gataksingh.gurud...@gmail.com
> gutta...@vmware.com
>
> WhatsApp:
> 9980948679
>
> skype:
> gatak.guru
>
> facebook:
> https://m.facebook.com/gatak.singh?ref_component=mbasic_home_header&ref_page=%2Fwap%2Fhome.php&refid=8
>
> twitter:
> https://twitter.com/gataksingh
>
> youtube:
> https://www.youtube.com/channel/UCzlwwCd3JSGJC3eyn7i1HeQ
> Disclaimer:
> 1. Contents of the mails, factual, or otherwise, reflect the thinking of the
>
> person sending the mail and AI in no way relates itself to its veracity;
>
> 2. AI cannot be held liable for any commission/omission based on the mails
> sent through this mailing list..
>
>
>
> To check if the post reached the list or to search for old posting, reach:
> https://www.mail-archive.com/ai@accessindia.inclusivehabitat.in/maillist.html
> _______________________________________________
>
>
> Ai mailing list
> Ai@accessindia.inclusivehabitat.in
> http://accessindia.inclusivehabitat.in/mailman/listinfo/ai
>
> Disclaimer:
> 1. Contents of the mails, factual, or otherwise, reflect the thinking of the
> person sending the mail and AI in no way relates itself to its veracity;
>
> 2. AI cannot be held liable for any commission/omission based on the mails
> sent through this mailing list..
>
>
>
> To check if the post reached the list or to search for old posting, reach:
> https://www.mail-archive.com/ai@accessindia.inclusivehabitat.in/maillist.html
> _______________________________________________
>
>
> Ai mailing list
> Ai@accessindia.inclusivehabitat.in
> http://accessindia.inclusivehabitat.in/mailman/listinfo/ai
>
Disclaimer:
1. Contents of the mails, factual, or otherwise, reflect the thinking of the 
person sending the mail and AI in no way relates itself to its veracity;

2. AI cannot be held liable for any commission/omission based on the mails sent 
through this mailing list..



To check if the post reached the list or to search for old posting, reach:
https://www.mail-archive.com/ai@accessindia.inclusivehabitat.in/maillist.html
_______________________________________________


Ai mailing list
Ai@accessindia.inclusivehabitat.in
http://accessindia.inclusivehabitat.in/mailman/listinfo/ai

Reply via email to