Captchas that Work and Captchas that Don’t

Captchas are those super annoying boxes that make us decipher a usually random string of letters and/or numbers before we can do something on a website. So many sites use captchas now as security measures to prevent bots and spam, but real human users find it to be a necessary evil that’s quite a nuisance. Most of the time those captchas are so difficult to read that you have to try three or four different ones before you get it right. If a human can’t decipher it, surely a computer bot can’t, right?

captcha

Captcha is really getting tough these days… (Image by: kristiewells)

Breaking the Code

There are many programs that have been designed to crack different types of captchas, and many are so successful that the captcha is rendered completely obsolete. Since captchas became popular several years ago, many websites have gone through multiple versions of them to stay ahead of new decoding programs. Some types of captchas could be deciphered by a computer bot with a perfect success rate, and captchas have evolved over the years as designers figure out what computers can read and what they can’t.

What Works?

The captchas that are most effective are used by Google, and programs have not yet been able to crack the codes on any type of reliable scale. Google captchas use words that are altered to resemble bumps on a roller coaster. The letters do not form a straight line, and they are different sizes, widths, and skews. Google has been using this type of captcha for many years. Email providers Hotmail and Yahoo also have captchas that are just about perfect.

Lines and Other Tactics

One of the most effective captcha strategy is adding random lines to the box that go in different directions and intersect with the letters and different points. The additional lines will confuse a computer and make it very difficult to determine what letters are present, but a human can see and differentiate the lines from the letters easily. Captchas also may use letters of different shades, with some portions of the letters missing.

Captcha Services

recaptchaThere are many different captcha plug-ins available for you to use on your website. The best and most popular is ReCAPTCHA.com, which is offered by Google. The distorted words with intersecting lines are nearly impossible for computers to decipher with notable accuracy. You can use ReCAPTCHA on your website for free.

What Doesn’t Work?

One previously popular tactic for captchas was adding backgrounds and “noise” to the captcha. The backgrounds, dots, etc. were meant to confuse computer programs, but they can be deciphered. Other captcha ideas involved photos. Some of these tactics can work if a person is asked to identify certain pictures by clicking on them, because it’s difficult for computers to decipher images. For the most part, however, photographic captchas aren’t foolproof. If a person is asked to identify and type the name of an image, for example, there could be many different correct interpretations (ex. beach, sea, ocean, etc.), and accounting for them all would be very difficult. Captchas that ask questions, such as “What’s 1+2?” are also less effective.

11 Comments

  1. Mahaveer
    • Peter Lee
  2. Ray
    • Peter Lee
  3. Felicia
    • Peter Lee
  4. Althea Young
    • Peter Lee
  5. Alicia
    • Peter Lee
  6. Mancko