VileWorks

Password (un)Masking

Windows Vista has a nice option labeled Show characters right below password input fields:

Windows Vista "Show characters" checkbox under a password field

And Useit.com recommends it: “It’s time to show most passwords in clear text as users type them.” So without further ado, here’s what it looks like on the web:

unmasking the password field

This is the HTML code from the example:

Continue reading…

19 Comments.

PHP Screencast: Hidden Captcha

As I was saying in a past–not so documented–article, this is how the Hidden Captcha concept works:

Does the user have JavaScript enabled?
If yes, they’re okay — let’em comment, no annoying captcha required.
No? We’ve got a suspect. Read them their rights and serve them the ultimate “are you human?” test.

I made this 5 minute screencast to earn fame and fortune on Nettuts, but I’m also posting it here along with some textual comments. Figured I’d make it easier for you to copy/paste the whole 2 lines of JavaScript.

Here’s what you start with, the source code from this tutorial.
(Note: be sure to have the Arial font file called arial.ttf in the fonts folder–copy it from your System in there because their archive does not come with it).

This is the JavaScript/PHP I’m pasting in:

<script type="text/javascript">
<!--	
	document.getElementsByName('code')[0].value = '<?php echo $string; ?>';
	document.getElementById('captcha').style.display = 'none';
 
-->
</script>

Both lines of JavaScript work on elements from this chunk of HTML:

<div id="captcha">
	<img src="captcha.php"/>
	<p><input type="text" name="code" /> Are you human?</p>
</div>

The first line of JavaScript sets the correct value for the code text field.
And the second line of JavaScript sets display:none to the captcha div, thus hiding it from anyone with JavaScript enabled.

Hidden Captcha instead of Akismet?

Continue reading…

12 Comments.

Secure a Flat File Using a .php Extension

Lock it Up
Here’s the deal: I need to store some sensitive data (user names and passwords) in a flat file. I don’t want to make any use of databases because this would defeat the whole purpose of the project. Of course, the passwords will be md5 encrypted in the file, but this wouldn’t be enough.

This neat little login system, Micro Login System, seems to have the basic stuff for me to start with but, as said, it stores the user info in a text file.
The contents of userpwd.txt would have been:

admin:3089af3a625carf15ed2a1a93684413ffa
user1:75580656a394292460ebb4b036ebeaf1
user2:c67ac4665947cd23ff7d1d180b8e41d5

That’s user : md5( password ).
I was concerned about this because anyone who knew about the system could have entered address/userpwd.txt in the address box and gotten that info.

My solution

PHP files are pretty secure, right?…

Continue reading…

12 Comments.

Using captcha without displaying it

How I use captcha without making my users complete the barely readable word

Captcha sucks. For more information on how much captcha can suck, see John Willis’ post Top 10 Worst Captchas.
But at the same time it can be really annoying for webmasters to have their forms unprotected with all the spam bots running free out there.

What I wanted was to have the commenting feature protected against spam bots without having the innocent human users ruin their eyes on captcha-like images, solve a mathematical equation, or fill in any other additional question field.

One very important difference between a spam bot and a human using a web browser is that the former can’t run JavaScript code. However, this isn’t a perfect selection criterion, because there are humans browsing the web using browsers without JavaScript support (Opera Mini for mobile devices, for example).

My idea (and as I did some Google searches, I found out other people had similar ideas) was the following algorithm:

Does the user have JavaScript enabled?
If yes, he’s ok. Let him comment.
No? He’s a suspect. Read him his rights and give him the ultimate “are you human?” test.

To do this I left the captcha system enabled and in place and wrote 2 extra lines of JavaScript that:

//complete the text field with the correct word from the image:
$('secretword').value='nospam';
//hide the div containing the captcha image and the text field:
$('captcha').style.display='none';
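
Both versions of the trick on this page, the `getElementsByName('code')` script and the `$('secretword')` one, write the accepted answer into the page itself, so it is present in the HTML for every client that fetches the page, with or without JavaScript. The check below is an added example, not code from the original posts: it scans rendered markup for a literal that inline script assigns to a form field's `.value`, so you can see what your own template exposes. The function names and the sample value `x7k2p` are assumptions made up for the illustration.

```javascript
// Added example: audit rendered markup for a challenge answer that inline
// script writes into a form field. All function names are hypothetical.

// Bodies of the inline <script> elements in an HTML string.
function inlineScripts(html) {
  const re = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  return Array.from(html.matchAll(re), (m) => m[1]);
}

// A literal assigned to a field's .value, in either style used on this page:
//   document.getElementsByName('code')[0].value = '...';
//   $('secretword').value='...';
const SELECTOR = /(?:getElementsByName|getElementById|\$)\(\s*['"](?<field>[^'"]+)['"]\s*\)(?:\s*\[\s*\d+\s*\])?/;
const LITERAL = /\s*\.value\s*=\s*(?<q>['"])(?<value>(?:\\.|(?!\k<q>).)*)\k<q>/;
const ASSIGN = new RegExp(SELECTOR.source + LITERAL.source, "g");

function prefilledFields(html) {
  const hits = [];
  for (const js of inlineScripts(html)) {
    for (const m of js.matchAll(ASSIGN)) {
      hits.push({ field: m.groups.field, value: m.groups.value });
    }
  }
  return hits;
}

// True when the answer the server accepts for `field` is readable from the
// markup alone, without executing any script.
function answerInMarkup(html, field, expected) {
  return prefilledFields(html).some((h) => h.field === field && h.value === expected);
}

// Constructed sample: the first post's markup as served once PHP has run.
// 'x7k2p' is a made-up stand-in for the rendered value of $string.
const SAMPLE_PAGE = `
<div id="captcha">
  <img src="captcha.php"/>
  <p><input type="text" name="code" /> Are you human?</p>
</div>
<script type="text/javascript">
<!--
  document.getElementsByName('code')[0].value = 'x7k2p';
  document.getElementById('captcha').style.display = 'none';
-->
</script>`;

console.log(prefilledFields(SAMPLE_PAGE));
```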

Continue reading…

18 Comments.