Spam is one of those things we wish didn’t exist. It’s annoying and serves no useful purpose. Mail inboxes filled with junk mail, websites with bogus contact form submissions, and products hit hard by fake sign ups are only a few common victims of spam. And unfortunately that’s here to stay.
You may have found yourself on the receiving end of those problems. In fact, you may have reached this blog post in your research to rid or lessen your spam problem. Fortunately you’ve arrived at an answer. The Honeypot technique is a fast, easy, and effective means to prevent spam.
Before I go into detail on how to implement the Honeypot technique, I want to cover two other options that are still in use to prevent spam, and why you shouldn’t use them.
Two Spam Prevention Options I Avoid
The first is Captcha. A captcha is an image that renders text in an not-so-easy-to-read way, also known as challenge text. By requiring users to type the challenge text into a text field, it verifies some form of human interaction and intelligence. So if what the user enters matches the challenge text, the user is said to have successfully completed the challenge and their form submission is allowed to proceed.
Spam bots, on the other hand, often lack the intelligence to defeat the challenge. First because the challenge text appears in an image, not html markup, reducing their chances of reading it. And second, because their often unaware that the form field attached to the captcha is looking for a specific entry. Most spam bots fail captchas due to both of these reasons.
A second option is implementing a question and answer field. For example, a sign up form may include the following question: What color is an orange? Humans can easily answer that question, whereas spam bots won’t be smart enough. Once submitted, the answer to the question can be tested, if it’s correct the form was likely submitted by a human and can be handled accordingly.
Both Degrade The User Experience
While both options are easy and help prevent spam, I don’t recommend them because they interfere with the user experience. Often times they can even be frustrating to deal with and prompt users to leave. A good example of that would be captchas that output text that’s too hard for humans to read.
For that reason I always recommend implementing the least invasive option available.
Enter The Honeypot Technique
The reason the Honeypot technique is so popupar is b/c, in addition to how easy and effective it is, it doesn’t interfere with the user experience. It demands nothing extra of them. In fact, your users won’t even know you’re using it!
To implement the Honeypot technique, all that’s required is adding a hidden form field to the form in question. The form field can have any name or id associated to it, but make sure to add a display: none CSS rule on it. Here’s a brief example:
Note that I have 2 email fields, real_email and test_email. test_email is hidden via display: none, so it’s not visible, nor can it be submitted by real users.
And that’s what gives away whether the form submission is spam or not. Real users won’t be able to see the field, or submit any value for it. Spam bots, however, will still see the field in the form’s markup and submit it with the rest of the form.
So from there all that’s needed is to test whether the hidden field was submitted or not. If it was, the submission can be treated as spam.
And remember, because the field is hidden and out of view, users don’t even know it’s there. That’s a more user friendly approach to spam prevention vs. having them complete a captcha challenge, or answer silly questions.
Spam is here to stay, but fortunately the Honeypot technique offers a fast and effective way to prevent spam. Even though there are other options to consider, keep your users in mind and always prefer the least invasive approach to mitigate spam.
All the Honeypot techniqure requires is adding a hidden field to the form in question. With that, just about any form can become spam free.