DEV Community

loading...

Discussion on: How to create a simple Honeypot to protect your Forms against Spammers

Collapse
qm3ster profile image
Mihail Malo

Good job, now LastPass won't fill my form data into your site and you lost a customer.
I highly recommend no one do this.

Collapse
atif089 profile image
Atif Mohammed

If the functionality of LastPass on a webpage is the basis of your judgment on whether you purchase a product or not then maybe there is something questionable about your judgment criteria itself.

Collapse
felipperegazio profile image
Felippe Regazio Author

I understand your point, but i believe you can drive it to your needings, without lose a customer. If you want to integrate with last pass, for example, just keep the inputs you need and creating only one to use as honeypot (phone for example, i dont know), which is hidden, not required and not used by anything. One single input is enough to catch some spammers : )

Collapse
qm3ster profile image
Mihail Malo

Then LastPass will fill the invisible field, especially after the lengths you went through to make them hidden in a special way, not the conventional way.
It's basically the same thing as your bots 😄

Thread Thread
felipperegazio profile image
Felippe Regazio Author

so, what i mean is to you to use names that lastpass didnt use or adapt the core ideia on the post to your needings. last pass will not fill your entire form, and you can configure autofill on lastpass or use flags from their api like 'data-lpignore' which will tell the lastpass to not fill some fields. however, hope this to be useful to someone.

Collapse
digitalcake profile image
Josh Chernoff

Tells everyone to not do this but says nothing as a better opinion. Sure buddy I will totally follow your recommendation 🙄

Collapse
qm3ster profile image
Mihail Malo

Relying on normal spam protection that doesn't impact usability?