The Cutest Little Captcha System Ever

By Deane Barker on April 7, 2006

KittenAuth Test: Cute overload, man.

KittenAuth is a new system for human-checking that forgoes all the useless random string crap that people cannot read, and replaces the whole lot with pictures of cute animals.

The current 9*9 design displays 9 pictures and requires that the user clicks 3 pictures of kittens. The location of the kittens in the grid is random and to make things more fun the contents of the pictures changes too.

Regardless of the cute factor, this is essentially a combination lock. I didn’t look at the underlying code, but if you hash the sequence into a string, then compare it on the server, then do you have something secure-ish enough to keep out bots?

Via MetaFilter.



  1. You’re absolutely right. When you think about it, it’s robots we’re talking about here. They don’t get tired of doing the same thing eight grillion times in a row, so however many pictures you put up they can just hit your server over and over and over and over and over again until they have them all. Then they just present the unique ones to a human who says which ones are kittens and which are not and bingo you’re pwned.

    SO, what could make this (slightly) more secure? Two things: first, have tons of questions that each picture is possible of answering/not answering. So kittens could be cuddly, young, animals, furry, have two eyes, have four feet, etc. Then the “person categorizes the actual pictures found” step becomes far far far more expensive.

    Second, have the program tweak the pictures each time they’re sent, so that if you have (say) 400 pictures, you can make them into 800,000 pictures just by slightly modifying the brightness, contrast, etc. (the idea is to modify every pixel, not just change a few to change the hash results). However there may be some ‘standard’ set of image analysis tricks to make these equivalent, or maybe a properly trained neural net could see through this clever ruse.

    Anyway, not a bad idea — the CAPTCHA concept is pretty fascinating.

Comments are closed. If you have something you really want to say, tweet @gadgetopia.