Disclaimer: The materials used in this column are written by VIP students of Kaige Academy. Students have the right to remain anonymous and have the right to final interpretation of the article. Kaige Academy aims to promote VIP students to learn from each other based on public notes.
Introduction to verification code
CAPTCHA is the abbreviation of "Completely Automated Public Turing test to tell Computers and Humans Apart", which is a public automatic program that distinguishes whether a user is a computer or a human. It can prevent: maliciously cracking passwords, swiping tickets, and flooding forums, effectively preventing a hacker from making constant login attempts to a specific registered user with a specific program brute force cracking method. A relatively simple way to achieve this function. This question can be generated and judged by a computer, but only a human can answer it. Since computers cannot answer CAPTCHA questions, the user who answers the question can be considered a human.
The term CAPTCHA was first coined in 2002 by Louis von Ahn, Manuel Blum, Nicholas J. Hopper of Carnegie Mellon University, and John Langford of IBM. Carnegie Mellon University had attempted to trademark the term, but the application was rejected on April 21, 2008. A commonly used CAPTCHA test is to let the user input the text or numbers displayed on a distorted picture, that is, a graphic verification code. The distortion is to avoid being detected by a computer such as Optical Character Recognition (OCR, Optical Character Recognition). The program automatically recognizes the letters and numbers on the picture and loses its effect. Because the test is administered by a computer to a human rather than a computer as in the standard Turing test, the CAPTCHA is sometimes referred to as a reverse Turing test.
For people with disabilities who cannot see images, the alternative method is to use voice to read out alphanumerics. In order to prevent voice recognition from analyzing the voice, there will be noise in the content of the voice. This is the mobile phone voice verification code, which is told by dialing the mobile phone. What is the user verification code.
Common verification code types:
1. Static image verification code
2. Mobile phone SMS verification code
3. Email verification code
4. Puzzle verification code
5. Mobile phone voice verification code
6. GIF dynamic image verification code
7. Video verification code
Graphic verification code
It can be said that the earliest verification code is the graphic verification code, which is also the most common form of verification code. As shown in the figure:
The verification code is generated from the server and sent to the client. The verification code is not a ready-made image, but is temporarily generated in the memory of the server, and usually deleted after it is generated and sent to the client. External verification codes have a valid time, generally 60 seconds to 360 seconds, these are to ensure security.
There are classes related to painting under the java.awt package in Java. Using these tool classes, you can generate simple graphic verification codes.
The following uses the actual code to demonstrate how to generate a simple graphic verification code:
operation result:
Apply the verification code to the login verification:
Html code example:
Captcha Servlet:
Servlet that handles login business:
operation result:
The console prints the result:
