CAPTCHA is a program that can generate and grade tests that humans can pass but computer programs "cannot". One of strategies followed are showing an image to user with distorted text, and user should write text in input area. If showed text is the same as input by user, then we can "assure" that a human is on computer. A captcha example:

 

Captchas have several applications for practical security, for example:

  • Preventing Spam in comment fields.
  • Protecting from Massive User Registration.
  • Preventing Dictionary Attacks.

 

Now you know how captcha works, the problem is that if you want to use captchas in your website, you should implement yourself process described above, and of course this is not easy and tedious work is required digitalizing works. For this reason there are some "captcha providers" that have done this work for us. One of these providers is reCaptcha http://www.google.com/recaptcha.reCaptcha is a free captcha service that provides us these captchas ready to be used in our site. As developers we only have to embedded a piece of code in client side for showing captcha image and text area, and in server side, calling a function for resolving input data. reCaptcha provides plugins for dealing with lot of programming languages like JavaPHPPerl, ...

This post will guide you on how to use reCaptcha in Spring MVC web application. The application consists in a form to register a new user. This form contains a captcha for avoiding a bot starts a massive registration attack.

 

Full Post Here