Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am considering generating a unique form token and storing it in a session, and embedding it as a hidden input in my forms.
Could I make this work for pages containing multiple forms, is it still safe to use the same token for each form?
I’m looking to detect bot requests on my website, can these form tokens really safely replace CAPTCHAs?
Nope, these tokens cannot replace captchas because these things serve different purposes.
From your confusion with tokens and captchas I suppose that you don’t really understand these tokens. Are you sure you need separate tokens for every form? May be one token per session would be enough?