I am a bit confused with the usage of the various modes of protection in RadCaptcha. Can someone get me how the Captcha, time out and Hidden textfield differ?
The Telerik RadCaptcha offers three modes of protection. These are actually spam protection strategies and you can define which strategy should be used for spam protection. For maximum security, by default, all of them are used.
The Automatic Robots Discovery strategy uses predefined rules which decide whether the input comes
from a robot or not. At this point, there are two implemented rules
that could be applied either separately or simultaneously.
Minimum form submission time - the presumption is that a
human cannot input the fields in a form correctly for a time less than 3
seconds (this is set by default, and could be modified). If the
submission is executed faster than the predefined value, it is assumed
that the executor is a robot.
Hidden textbox in the form (the so-called "honeypot") -
this rule requires the insertion of a textbox which is not visible when
the form is styled. Still, it will be detected by a robot, and
therefore if any data is entered, the executor is considered to be a
robot.