iRead, iLearn, iWrite. Hence, iBlog.

For Indian Military, Nuclear & Space matters, visit:

Sunday, September 26, 2010

Google's unwise spam/bot verification process

Needed to create an alternate e-mail account to transfer a certain group of e-mail types from an existing account to another to try and end the insanity prevailing in that account.

Being a long time user of Google's email service [Gmail & Google Apps] & the other associated Google services that one can access with a Google account, thought no further than Gmail again to create a new account.

However, I was dismayed to discover that Google now asks me for a cell phone number for verification to ensure that the account is being created by a human & not bot or spammer.

Google asking for a cell phone number to register a new account

Now, the reason I am dismayed with this step, does not have anything to do with any privacy concerns arising out of sharing my number, but the fact that it is now necessary to possess a cell phone to create a Google account.

It is an especially unsound move for a country like India, where, despite impressive cell phone penetration, not every body possesses one, yet. Now, it may so be that Google allows the number be used for verifying multiple Gmail sign ups.

So everybody who wishes to sign up with Gmail would now need to either posses a functioning cell phone or have somebody sitting by the side who has one, so that the verification code can be received - how cumbersome, a total put-off.

The reason given for them to implement this step is to verify if the registration process is being performed by a bot or human, &, if the former, stop it. But then if that is the case, why are people made to recognise a Captcha & enter the corresponding alphabets and numbers in the previous page of the registration process.

If Gmail has not faith in its ability to detect Bots using captchas, then should they not replace with some other form of captchas, say, like the Re-Captcha, an entity it bought over not so long ago or completely do away with captchas if they find it ineffective. Cell phone verification and captchas are nothing but duplication of the same intent.

I remember, when in the second year of college, being asked by classmates to assist them in creating their first e-mail account. I, myself bought my first cell phone only when I was the second year of college. Now-a-days it is, however, not a rarity to see kids as young as in class 9 & 10 carrying one around, as they race from one tuition class to another. However for a vast majority of people in India, a cell phone is still not an indispensable device to possess and many are doing fine without it. By coupling registration to Google account with possession or access to a cell phone, it is going to turn off a significantly large number of Indians from using the extremely useful set of services Google has to offer & turn to other similar service providers.

I hope better sense prevails over the people at Google & they roll back this step.

I, on the other hand, decided to try out Microsoft's Live e-mail account & created an account with it instead.

Microsoft considers password of medium strength even if its exceeds permissible character limit

As it turns out, your password will never be too strong for Microsoft, even if it exceeds the 16-character limit imposed on password length.

Update: [2010.09.27] After I posted this, somebody tried to create an account with Google, but was not prompted for entering a cell phone number. Tried it myself - no number asked for this time around. People speculating that since my IP is dynamically assigned to me by my ISP [Tata Indicom], the IP address [or range] assigned to me during that session was probably used by someone else to to create spam accounts [or tried to run a bot to automate signing up] & hence I was prompted to enter the cell phone number when I tried to sign up.

However, the reality behind this roll-back is likely to be far more mundane, having nothing to do with any abused IP numbers or some such gobbledok - it may just so happen that my blog is the first thing Larry Page accesses after logging on to the Interweb every day. So seeing me complain about the cell phone verification process, gets his coders to roll it back - a lot more plausible an explanation I'd say.