Preventing Spam by Keystroke Counting

By Deane Barker on March 8, 2005

MT-Keystrokes: This isn’t a bad idea. This plugin counts the keystrokes entered in the TEXTAREA for the Movable Type comments form, and sends that number with the comment. the plugin does some arithmetic on it to make sure it roughly matches the number of characters in the comment.

Based on the experiments of Simon Goodway, it seems that a simple way to reduce comment spam without affecting the reader’s experience is to make sure that every comment has some level of human input.

As Simon suggests, by validating that the user has entered keystrokes while entering a comment (using javascript), we can effectively weed out any robots that bypass the comment form altogether.

Obviously, if you paste something into the field, you’re either going to have one keystroke (CTRL-V method) or none (right-click method) in exchange for a lot of characters, so I imagine this plugin has to be a little forgiving since people tend to paste URLs rather than type them.

Good idea, but I’d like someone else to try it first. Found via the consistently good LifeHacker.



  1. I got to thinking about this, and what’s to prevent a spammer from just filling this hidden form field with an acceptable value? If you name the field randomly, they could still find it since the onkeypress event for the TEXTAREA has to write to this field, so it has to be named. Right?

  2. I often compose stuff in BBEdit and then paste it in (the whole comment). So I guess that wouldn’t work anymore.

Comments are closed. If you have something you really want to say, email and we‘ll get it added for you.