ASP.NET CAPTCHA control, improved

I improved the ASP.NET CAPTCHA server control I mentioned yesterday:

Control respects all standard ASP.NET server control properties (font, border, accesskey, enabled, etcetera)
Hide ViewState property (it's required!)
Added CaptchaLength property
Added CaptchaFontWarping property
Improve font sizing algorithm
Improve warping algorithm (more mild distortion, no more drawing outside the box)
Remove "1,0,I,O" from possible Captcha characters to prevent confusion in entering text
Text is now optional
lots of other little improvements

If you are willing to sacrifice less OCR-ability for more human readability, you can adjust the CaptchaLength and CaptchaFontWarping properties to taste. For most applications, simply having a captcha of any sort is probably enough to block casual bot attacks, and shorter less warped phrases are definitely a lot easier to read. The default is 6 characters with medium warping, which is a good blend.

You can download the solution from my CodeProject article if you're interested. There are only two projects in the solution; an ultra simple demo website and the control library itself.

To see a CAPTCHA in action, check out the Yahoo mail signup page. Refreshing the page will generate a new one every time..