https://www.basesecrete.com/active_hashcash.html : Securing a web application is not trivial. Every feature and especially public exposed forms are potential security breaches. Any breach will eventually be exploited, even on small applications. For a long time, we have been looking for the best way to protect login and registration forms against brute force attacks and spam bots, often using a combination of techniques.