New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Too easy to crack #8

ghost opened this Issue Jun 24, 2014 · 3 comments


None yet
2 participants

ghost commented Jun 24, 2014

Sorry guys but your captcha very easy to crack 1/10.

First need create database on your images:

  • then simple create fingerprint of all images eq:
    • red dots are saved color position
    • Then just compare all images from database


This is some kind of joke ?


This comment has been minimized.


BrunoBernardino commented Jun 24, 2014

Closing because this is being discussed over at #2.

  1. You're forgetting the point of the images/audio being custom per website.
  2. Making a database per website being "attacked" is not a "minor cost".

Finally, visualCaptcha is about improving the UX for the people using your application, without diminishing security considerably, not targeted at things like or where there are obviously other implications to take under consideration.

Thanks for your feedback anyway!


This comment has been minimized.

CrazyPython commented Jul 11, 2016

@BrunoBernardino A hacker with four hours could break your security y downloading something like ConvNetJS and using it to recognize images. No GPU required.


This comment has been minimized.


BrunoBernardino commented Jul 11, 2016

I can imagine that's possible for the default install everyone sees. I'd recommend those people use something like reCaptcha.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment