In-Reply-To: <20050321182737.81B6B15F507@xxxxxxxxxxxxxxxxxxxx> >Resource metering through client-side computationally intensive "electronic >payments" can provide an alternative strategy in defending against brute >force guessing attacks. The first question I had was, Why not just use a turing test. It's simple and, theoretically, only humans can distinguish the passphrase. It requires much less overhead. Obviously this would be used in addition to a password. That's my two cents.
