The Telerik RadCaptcha offers three modes of protection. These are actually spam protection strategies and you can define which strategy should be used for spam protection. For maximum security, by default, all of them are used.
The Automatic Robots Discovery
strategy uses predefined rules which decide whether the input comes
from a robot or not. At this point, there are two implemented rules
that could be applied either separately or simultaneously.
- Minimum form submission time - the presumption is that a
human cannot input the fields in a form correctly for a time less than 3
seconds (this is set by default, and could be modified). If the
submission is executed faster than the predefined value, it is assumed
that the executor is a robot.
- Hidden textbox in the form (the so-called "honeypot") -
this rule requires the insertion of a textbox which is not visible when
the form is styled. Still, it will be detected by a robot, and
therefore if any data is entered, the executor is considered to be a
- The next mode is the usual Captcha.