How to Prevent Automated Website Registrations?

While you register with a website to become a member of that site you would have noted that you are asked to enter the text that is displayed in an image to a form field. The image that displays the text is randomly generated for each registration. This makes sure that the user who is registering with the site is a genuine user. This prevents automated registrations to the site.

1. Generate a random string
2. Generate an image with the random string that was generated in the earlier step

After you generate the image with the random string you can use an image control to display the image. The image control can be embedded in the form that is used for registration so that the user can view the image that is generated and key-in the text that is displayed in the image. You can use a code similar to that given below to generate a random string.

public static string GenerateString()
{
int iSLength=0, iRN=0;
string sRString;
Random rR =new Random(System.DateTime.Now.Millisecond);
sRString = "";
while (iSLength < 5){
iRN = rR.Next(0, 86);
if(((iRN >= 0) && (iRN<= 9) || (iRN >= 65) && (iRN <= 86))){
sRString = sRString + (char)iRN;
iSLength = iSLength + 1;
}
}
return sRString;
}

In the above code you are generating a random number and that random number is converted to a character if the number is equal to or between 0 and 9, or between 65 and 86. You may note that the number 65 corresponds to letter ‘A’ and you know what is the number for the character ‘Z’. The characters are concatenated to string variable until you get the length of the string that is desired. The code for generating a string can be within a function so that it can be used while generating the image.

To generate an image on the fly with the string that is generated you can use the Graphics class.

Bitmap bmpImage=new Bitmap(80,25);
Graphics g=Graphics.FromImage(bmpImage);
g.Clear(Color.Red);
string sRS=GenerateString();
Session["sessionRS"]=sRS;
g.DrawString(sRS,new Font("Arial",14),new SolidBrush(Color.Black),2,2);
bmpImage.Save(Response.OutputStream,ImageFormat.Gif);
bmpImage.Dispose();

The above code is used to generate an image on the fly and is outputted to the response stream. This output is fed to the Image control that is used in the registration form. If you have the above code snippet in one webform, the URL of that webform is the URL of the Image Control in the registration form. This enables the generated image to be bound to the image control for display in the form. The image control would have code something similar that is given below:

<asp:Image id=Image1 runat="server" ImageUrl="url-of-the-page-that-generates-image" />

To compare the string in the generated image with the string that is typed by the user, the string that is generated is immediately stored in a session variable and then the image is generated. The string that is stored in the session variable is compared with the string that is keyed in by the user and error message is generated if needed. The above code for generating the image is placed within an “if” block which checks whether the user accesses the page for the first time. If the user is accessing the page for the first time then the image is generated, otherwise not. The code,

bmpImage.Save(Response.OutputStream,ImageFormat.Gif);

saves the image that is generated in the GIF format for display.

You can use the above algorithms and code snippets to develop web forms in .Net that enable you to prevent automatic registrations to the websites. These are very easy to use algorithms. There are also controls developed by third parties for preventing automatic registrations.