 |
 |
Hi all, Thanks for the responses! Going the honeypot route wasn't on my radar at all but I'll give that a shot since ArchivesSpace has support already. I knew the reCAPTCHA method was questionable at best when it came to accessibility so I wasn't thrilled to be going with that to begin with. Just as a note, it seems like a lot of the pushback stemmed from the user required interactions of recaptcha v1 and 2, but those aren't a part of v3 which triangulates a score based on a number of factors (Google is pushing this as invisible and without interruption but comes with a whole other set of philosophical and conceptual issues) Bhavin -- Bhavin Tailor University Libraries University of South Carolina [log in to unmask] | 803-777-9584 -----Original Message----- From: Code for Libraries <[log in to unmask]> On Behalf Of Lora Woodford Sent: Wednesday, April 24, 2019 4:34 PM To: [log in to unmask] Subject: Re: [CODE4LIB] ArchivesSpace reCAPTCHA Hey all, ArchivesSpace developer here. Since the recommendation of implementing a honeypot was raised, I wanted to point out that as of v. 2.5.1 this does exist in core code. (See the following for the relevant PR: https://protect2.fireeye.com/url?k=33339e81-6fa1a4bd-3333d040-ac1f6b0e675c-73cf0b55fc594121&u=https://github.com/archivesspace/archivesspace/pull/1366). As we're seeing from this thread, different audiences are going to have different wants/needs/expectations/etc. on this topic, but we do support any/all users from using the plug-in architecture to add desired modifications to their implementations of ArchivesSpace. Bhavin -- I will attempt to take a look into the basics of what would be involved in doing something like this via a plugin, but it likely won't be until next week at the earliest (catching up from spring break over here). Best, Lora --- Lora Woodford Junior Developer for ArchivesSpace [log in to unmask] 800.999.8558 x4808 Cell: 404.877.8158 On Wed, Apr 24, 2019 at 10:40 AM Michael Della Bitta <[log in to unmask]> wrote: > Capchas are a negative incentive for the users you actually want to > communicate with, across the board. They're frustrating, they can leak > private information, and they have accessibility issues. > > Have you considered using a honeypot form field? > > > https://stackoverflow.com/questions/36227376/better-honeypot-implement > ation-form-anti-spam > > On Wed, Apr 24, 2019 at 9:12 AM Kyle Banerjee > <[log in to unmask]> > wrote: > > > <soapbox>Captchas are like frequently expiring passwords with > > ridiculous validation requirements and canned security questions > > people can't > remember > > the answers to -- great examples of solutions built around > administrative > > concerns at the expense of the users they're meant to > > serve.</soapbox> > > > > I cannot fathom how difficult they must for anyone with any > > accessibility issue. Despite having every advantage, I fail them > > often and repeatedly enough that I actively avoid sites that use them. > > > > kyle > > > > I can sometimes be stuck for a looooong time trying to get the > > recaptcha > > > right and having it refreshed a few times because I got it wrong. > > > I > > usually > > > click every square that has any part of the ‘thing’ I’ve been > > > asked to identify in it. Sometimes also the images are so murky > > > it’s hard to > tell > > > what I’m looking at, so I’m just guessing. > > > > > > University Library | St Teresa’sLiterary agency y > > > > > > Telephone: +61 8 9433 0707 | Email: > > > [log in to unmask]<email > to: > > > [log in to unmask]> > > > > > > From: Code for Libraries [mailto:[log in to unmask]] On > > > Behalf Of Thomas San Filippo > > > Sent: Wednesday, 24 April 2019 2:23 AMmo: [log in to unmask] > > > Subject: Re: [CODE4LIB] ArchivesSpace reCAPTCHA > > > > > > The one that asks you to identify traffic lights always throws me. > > > Do the poles count as part of any traffic light or just the bulbs? > > > If > ito's > > > got > > > just the bulbs, should I exclude a panel that only has part of the > > > traffic light housing and no bulbs? > > > > > > > > > *Thomas San Filippo* > > > /Systems and reCAPTCHA Technology Liaison/ > > > > > > Pronouns: he/him/his; they/them/their(s) > > > > > > Madeleine Clark Wallace Library > > > <https://protect2.fireeye.com/url?k=f4abd6c1-a839ecfd-f4ab9800-ac1 > > > f6b0e675c-14c5583e9fbd24ff&u=https://wheatoncollege.edu/academics/ > > > library/%3C > > > https://protect2.fireeye.com/url?k=8832ec0d-d4a0d631-8832a2cc-ac1f > > > 6b0e675c-f6674277ba50c53b&u=https://wheatoncollege.edu/academics/l > > > ibrary/>>, G34 Wheaton College > > > <https://protect2.fireeye.com/url?k=45a4961e-1936ac22-45a4d8df-ac1 > > > f6b0e675c-5334a3b28cb9edfe&u=https://wheatoncollege.edu%3chttps//w > > > heatoncollege.edu > >> > > > 26 E. Main Street, Norton, MA 02766 > > > <https://protect2.fireeye.com/url?k=07a983d7-5b3bb9eb-07a9cd16-ac1 > > > f6b0e675c-dbe1b2e92ca0a3bf&u=https://goo.gl/maps/d5JvoKZUEXy%3C > > > https://protect2.fireeye.com/url?k=8ed5cbbd-d247f181-8ed5857c-ac1f > > > 6b0e675c-942e7f93c6c32833&u=https://goo.gl/maps/d5JvoKZUEXy>> > > > (508) 286-5601 <tel:+15082865601> > > > Twitter: @WallaceLibrary <https://twitter.com/WallaceLibrary< > > > https://twitter.com/WallaceLibrary>> | > > > Instagram: /wallacelibrary > > > <https://www.instagram.com/wallacelibrary/< > > > https://www.instagram.com/wallacelibrary/>> | > > > Facebook: wheatoncollege > > > <https://www.facebook.com/WheatonCollege/< > > > https://www.facebook.com/WheatonCollege/>> > > > On 4/23/19 1:04 PM, Kate Deibel wrote: > > > > Two things to consider about reCAPTCHA. > > > > > > > > One, its accessibility has often been a mixed bag, which is > > > > common > for > > > most Google widgets. Despite being widely used, Google tends to > > > deprioritize fixing accessibility complaints on them. Also, Google > > appears > > > to only focus on screen reader access, which means that other > > > assistive tools, even keyboard navigation, may cause issues. In > > > general, captchas > > are > > > viewed as one of the biggest barriers to accessibility out there. > > > And > no, > > > the sound alternatives are not a panaceas and typically add even > > > more difficulty in getting past the captcha. > > > > > > > > Two, it can create cultural barriers if the image verification > > > > task > > > appears. I've seen some tasks that ask me to identify storefronts, > > > but > I > > > failed because I clicked an image of a stand at a farmers market. > Others > > > have asked for trucks but where do you draw the line? I consider a > > delivery > > > van a truck? These might seem minor cultural impasses, but it gets > worse > > > when it comes to language. Supposedly, reCAPTCHA will use the > > > default language of the browser unless you override it in the link > > > during > setup. > > > However, not all users get to change a browser's default language > > > due > to > > > security restrictions on the machine. This penalizes users who are > > > not fluent in the default language of the browser. > > > > > > > > > > > > > > > > > > > > > > > > Katherine Deibel | PhD > > > > Inclusion & Accessibility Librarian Syracuse University > > > > Libraries T 315.443.7178 > > > > [log in to unmask]<mailto:[log in to unmask]> > > > > 222 Waverly Ave., Syracuse, NY 13244 Syracuse University > > > > > > > > > > > > -----Original Message----- > > > > From: Code for Libraries <[log in to unmask]<mailto: > > > [log in to unmask]>> On Behalf Of TAILOR, BHAVIN > > > > Sent: Monday, April 22, 2019 3:59 PM > > > > To: [log in to unmask]<mailto:[log in to unmask]> > > > > Subject: [CODE4LIB] ArchivesSpace reCAPTCHA > > > > > > > > Hi everyone, > > > > > > > > Apologies for the repost if you got this elsewhere. Have any of > > > > you > > > successfully integrated reCAPTCHA or another spam reducer into > > > ArchivesSpace? We've had issues with spam emails coming through > > > the resource request form and reCAPTCHA makes sense since we have > > > it > > elsewhere > > > but we haven't quite gotten the serverside validation side of > > > things figured out in ArchivesSpace. Any help would be greatly > > > appreciated. I > > know > > > some institutions have just disabled the request feature but > > > where's > the > > > fun in that? > > > > > > > > Thanks, > > > > Bhavin > > > > > > > > ------------------------------------------------- > > > > Bhavin Tailor > > > > University Libraries > > > > University of South Carolina > > > > [log in to unmask]<mailto:[log in to unmask]<mailto: > > > [log in to unmask]:[log in to unmask]>> | > 803-777-9584 > > > > > > Disclaimer > > > > > > The information contained in this communication from the sender is > > > confidential. It is intended solely for use by the recipient and > > > others authorized to receive it. If you are not the recipient, you > > > are hereby notified that any disclosure, copying, distribution or > > > taking action in relation of the contents of this information is > > > strictly prohibited and > > may > > > be unlawful. > > > > > > This email has been scanned for viruses and malware, and may have > > > been automatically archived by Mimecast Ltd, an innovator in > > > Software as a Service (SaaS) for business. Providing a safer and > > > more useful place > for > > > your human generated data. Specializing in; Security, archiving > > > and compliance. To find out more visit the Mimecast website. > > > > > > > > -- > > *Michael Della Bitta* > Director of Technology, DPLA > Keybase / Github / Twitter: mdellabitta >