We are happy to report that Zone BBS, a popular text based bulletin board system in the blind community, has switched from an audio / visual CAPTCHA scheme to THaCAA – Telling Humans and Computers Apart Automatically to ensure the security of its account registration process. Whereas the previous scheme excludes users who happen to be deaf-blind, the new text based system includes everyone. Although no CAPTCHA test is perfectly accessible or secure, we hope the new implementation will prove to be sufficiently robust for the needs of the Zone BBS.
Hi Darren,
When you start a post title with “Visual Verification,” is that a request for a sighted person to check the sight out and report back? If so, yup, Zone BBS is using an all-text security mechanism and everything looks great.
Rachel
No. The visual verification tag is simply a relatively nontechnical way of explaining the way CAPTCHA works. It was also derived in part from Google’s use of the term “word verification” to describe such a scheme when I started writing about these issues back in 2005. Thanks for writing as always. It is nice to hear from you again.
In our discussions, I think it’s important not to apply a double-standard. We switched foom an audio CAPTCHA system to one that is text-based to accomidate all users. But on other posts on this blog, sites are praised for implementing audio CAPTCHA which has the same access challenges. If we are to demand a solution which is accessible to all including the deaf, which I believe we should be doing, then this demand needs to stretch to all sites, not just those which happen to serve the blind community.
There is no double standard, but, rather, a certain logic to my approach here. The bar of accessibility for all blind community sites is rightly set as high as it can possibly go, for very obvious, self-explanatory reasons.
On the other hand, with sites outside the blind community, we must insist on what might be considered to be a “reasonable accomodation” rather than demanding “the moon” in accessibility. This text based challenge / response scheme is not considered to be nearly as secure as either audio or visual CAPTCHA. Many web site operators will thus not be keen to consider its implementation. Outside the sites specifically serving our community, we must thus operate within a constraint of reality. A universally accessible solution that is just as secure as audio and visual CAPTCHA just does not currently exist. It is probably going to require thousands of hours and tens of thousands of dollars worth of R&D to reach the point where that has become a reality. I can expect a web site developer to take a half hour or so to implement ReCAPTCHA, but I can’t demand they spend such high amounts of time and money to create a universally accessible solution from the ground up.
Yeah. I know. Reality bites pretty hard. I’m always open to all new ideas on this topic, as my ultimate aim is most certainly for the existence and use of a universally accessible, secure CAPTCHA scheme that protects everyone and excludes noone.