I stumbled across this (what I believe to be) ingenious method of spam protection and I would like to share it with all of you. At the moment it’s being called ‘Negative CAPTCHA‘. It’s like CAPTCHA but in reverse. What I mean by that is instead of having a user fill out a form field with gibberish… you have them bypass the form all together. The reason they will not fill it in is because IT WON’T BE THERE. The method looks for an invisible form field to be posted with no information. The form field will be hidden by CSS so the human user will never see it. Bots on the other hand don’t take into account for site layout or styling. The form field will be there when the bot comes along and blankets your form with miscellaneous data. That hidden form will then be populated in the post and will easily identify your ‘user’ as being a bot.

Now I know that you would need to take into account for people using screen readers or possibly someone that turns off styles, but for the most part… this method should work. I will be implementing this in my next project and hope to post an update with what I’ve found.

Ned Batchelder also has some useful information on stopping spam bots with a similar method.

Similar Posts:

• Simple way to finally get your Basecamp RSS into Google Reader
• A Post a Month
• Update: No IMAP for you!
• So…Wordpress it is
• Scott Chacon - A man on a mission