ColdFusion MX and CAPTCHA

Well, I'm just trying to figure out why it wouldn't be easier to have a unique string passed with each request that is also tied to the correct "answer" for the image.  That way, the spider could not post multiple times with the same unique string.  It just seems like that would even rule out the brute force attempt. John It could loop over the URL. But if the string for the image is stored in the session and compiled into the image, the only way it could figure it out would to be use brute force (guessing over and over again), decompiling the image and trying to read what is the text, or using OCR. 1 and 2 are over complicated for most people, and OCR would be difficult if you chose a good image with a good text format on it. None are fool proof. But mine and Ryan's idea is the best bet for most situations. You just have to have a good string and a good background image. Burns, John D wrote: > Right, but what I'm saying is that once it has the cfid and cftoken, > couldn't it loop over a url passing possible texts for the image (thus > keeping the same session)