Quote:
Originally Posted by toonpornblog
Protip: Using both the current time of login and captcha text as salt makes it quite difficult to 'crack' someone's key. 
I usually use two seperate keys - the original login, and one that's set on access. If there's more than time_len difference, I force a logout. It keeps people feeling a little secure (if it takes you more than fifteen minutes to rub one out to a single picture before you decide to move on, it's not my problem.)
|
heh, captcha, havnt seen many site that wasnt bypassable to date.
go try to bypass nats captcha for example, all you have to do is look at one code copy that code to your server bot, and it will work for all attempts
I had to bypass it to download content zips from a nats sponsor to server and
they forced captcha, LAME THING TO DO!!!