Welcome to the new Independent website. We hope you enjoy it and we value your feedback. Please contact us here.


Cyberclinic: How can I stop people hacking into my email?

Considering how many online services we end up subscribing to, it's not surprising that we sometimes need a few attempts to get our passwords right. After failing a couple of times, you often see a little box popping up with a random jumble of skewed letters on a hazy background, which you have to decipher. These tests are known as Captchas (Completely Automated Public Turing test to tell Computers and Humans Apart) and were introduced around eight years ago as a way of proving that the person trying to log in is indeed a person, and not a computer intent on cracking your password by inputting endless different combinations until the password is cracked.

Last year, we reported that Captchas were the best line of defence against online fraud and the perfect way of checking that a computer is not hacking into your email account. Despite the fact that I display all the frailties and anxieties of a normal human being, I often can't get these tests right either. But now there's a more serious problem: Captcha crackers.

Captcha cracking allows spammers to set up fake accounts and bombard us with sales pitches for creams, pills and fake designer watches – and security firms have noted that Captchas for the most popular webmail services have been broken. In the past week, this has led to mails originating with Hotmail, GMail or Yahoo! to be pushed down the priority list by spam-filtering services.

We had a comment on our blog from Tim, noting that "e-workers are now being paid to sit deciphering Captchas all day". It's incredible, but true. And, as a result, valiant projects such as reCAPTCHA (which digitises old books and picks out suitable Captchas that would fool an automatic cracking system) start to look a bit futile.

Hotmail, Google and Yahoo! will now somehow have to come up with a system that allows bona fide users through, but shuts out lowly paid spamming teams in Omsk. And I don't envy them that particular task.

Diagnosis required

Email any technology gripes to cyberclinic@independent.co.uk, or join the discussions on the blog at www.independent.co.uk/cyberclinic. Currently under discussion: Should you really be creating your own Wikipedia entries?