What s the matter with the captcha? I don t know what to do with the verification code

1）.Captcha is generally to prevent batch registration, and it looks difficult to the human eye, let alone a machine. Two like the post bar is not logged in to post to enter the verification code is probably to prevent the occurrence of large-scale anonymous replies At present, many ** in order to prevent users from using robots to automatically register, log in, and irrigate, all use verification code technology.

The so-called verification code is to generate a string of randomly generated numbers or symbols, add some interfering pixels (to prevent OCR), and the user will recognize the verification code information by the naked eye, enter the form to submit** verification, and only after the verification is successful can a certain function be used.

2）.Generally, the place where the user ID is registered and the major forums require a verification code.

3）.Common captchas.

1. Four-digit number, a random one-digit string, the most original verification code, the verification effect is almost zero. 2. CSDN** user login is in GIF format, which is currently commonly used as a random number ** verification code. **The characters on the ** are more decent, and the verification effect is better than the previous one.

For those who do not have basic graphic iconography knowledge, it is unbreakable! It's a pity that the program that reads it, on the first day that csdn used it, seems to have been published in the forum, which is really pitiful!

3,QQ**User login is in png format,**Random numbers + random capital English letters,The whole composition is a bit flamboyant,Every time you refresh it,Each character will change its position! Sometimes the ** that comes out can't be recognized by the human eye, it's amazing....4. When MS hotmail is applied, it is in bmp format, random number + random capital English letter + random interference pixel + random position.

5, Google's gmail registration is in jpg format, random English letters + random color + random position + random length. 6. Other major forums are in XBM format, and the content is random.

4) Significance: In order to prevent users from using robots to automatically register, log in, and irrigate, they have adopted captcha technology. The so-called verification code is to generate a string of randomly generated numbers or symbols, add some interfering pixels (to prevent OCR), and the user will recognize the verification code information by the naked eye, enter the form to submit** verification, and only after the verification is successful can a certain function be used.

1.The mobile phone number was entered incorrectly.

2.The network environment is poor, or the server is busy.

Recommendations:1Recheck the mobile phone number;

2.Check whether the current wireless network (or traffic) can access the Internet and whether the signal is stable. Maybe try it in a neighborhood setting. Avoid signal blocking and interference.

You can click on Change Captcha** and type it as required.

The letters or numbers in the box go in、Finally, click OK。

Yes, because the card only shows that there is nothing in the session box、、You have to wait or refresh.、If it doesn't work, there's a problem there.、、Most of it is because of the card.、、The network speed is too slow、、Wait a minute.。

What's going on with sending verification codes all the time1Generally speaking, the verification number is only valid if it is correctly sent to the corresponding mobile phone login, if you receive a lot of verification numbers inexplicably, it may be possible or guess that your mobile phone number is leaked due to some group tour reasons; 2.Or due to some reasons, your mobile phone number is bombarded by criminals with text messages, constantly sending verification codes and other spam messages to your mobile phone number; You can try to use third-party mobile phone manager and other software to set up harassment blocking to reduce harassing text messages as much as possible.

The captcha is used for the front-end and does not interact with the back-end.

If you set the verification code to interact with the backend and set the session session, but do not pay attention to the lifetime of the session, you should refresh the verification code once when you send a GET request or POST request, and set a new session to forcibly destroy the session set by the previous verification code.

Captcha problem in cookies.

Some systems don't display a verification code by default, but instead appear after a certain number of user verification errors. So how can you tell if a user has made a mistake a few times? Possibly so:

1.Write a tag in the cookie, e.g. loginerr = 1, and subsequent errors will be accumulated.

2.Write a tag in the session, e.g. loginerr = 1, and subsequent errors accumulate.

The question is, what if an attacker submits an HTTP request without a cookie? Or, the attacker doesn't update the cookie

What about repeated commits of loginerr values? This way, the program will not be able to obtain the cookie sessionid and will assume that the attacker is accessing it for the first time. The captcha will not appear at any time!

The captcha is too simple and easily recognized by the machine.

There is noise around the letters, and the font is twisted and curved.

Different styles, letter shading, letter sticking, background color interference.

The main body interferes with the line, the background color is dry, the background letters are disturbed, the font is distorted, and the letters are sticky.

Background interference line, background color interference, background letter interference, font distortion, letter adhesion, font hollowing.