(2018-07-08, 09:38 AM)linguist Wrote: [ -> ]One of our security questions is: "What weekday is this year's Good Friday?" -- 67% fail rate, both for bots and human spammers.
Your question was a bit obscure on the usage of weekday, but I can't count out human stupidity.
Check this out:
![[Image: e26fe885327734fc12775a7492eb3f32.png]](https://camo.mybb.com/98f6beccf8a260e7d5da3bc7977c7e322e7c1533/68747470733a2f2f692e6779617a6f2e636f6d2f65323666653838353332373733346663313237373561373439326562336633322e706e67)
and the most surprising of them all:
![[Image: 66333d6757cd655477fb539908dd436f.png]](https://camo.mybb.com/8a5b1df3fc6e23ca6e4da7262495e6a610bc8f88/68747470733a2f2f692e6779617a6f2e636f6d2f36363333336436373537636436353534373766623533393930386464343336662e706e67)
As per my previous posts I found the security questions don't really serve a purpose and just have one question now.
If they are a bot they will try pre programmed responses (default or commonly used answers).
If they are human they will just rotate questions and program the answers into a script for a bot.
So in the end all questions prove is a IQ test which is annoying for most people that register.
So I did away with questions on my site only one simple question asking users to accept they are not spammers or marketers and the answer is in the question.
Its doing the same thing as all the hundreds of questions you guys come up with and if bots automate it I'll just change the answer keeping the question the same.
(2019-06-20, 08:49 AM)drguild Wrote: [ -> ]As per my previous posts I found the security questions don't really serve a purpose and just have one question now.
If they are a bot they will try pre programmed responses (default or commonly used answers).
If they are human they will just rotate questions and program the answers into a script for a bot.
So in the end all questions prove is a IQ test which is annoying for most people that register.
So I did away with questions on my site only one simple question asking users to accept they are not spammers or marketers and the answer is in the question.
Its doing the same thing as all the hundreds of questions you guys come up with and if bots automate it I'll just change the answer keeping the question the same.
That may be true if someone was using the default MyBB security questions.
However, I have made up my own security questions. I have 10 rotating questions, most of them are complex mathematical questions.
However, one question, you have to spell out the answer.
Bots wouldn't know the answer to that question. Only humans can answer it.
I'm not going to show everyone my security questions, but my point is, the more questions you have, the harder it is for the bots to register.
I do agree that it is not "spam-proof", but it does make that one step harder to bypass.