CAPTCHAs Other Security Considerations


CAPTCHAs (Completely Automated Public Turing tests to tell Computers and Humans Apart) are tests used on many websites to ensure that data is being submitted by a real human user, rather than a spambot or similar.

CAPTCHA example

A popular implementation of CAPTCHA at the moment is reCAPTCHA, which serves the purpose of a standard capture while also digitising books with the user input. It also provides a function that many CAPTCHAs do not (although it is becoming more commonly implemented) - sound tests so that they are accessible to blind users.

How could this happen to me?

There are many alternate forms of CAPTCHA available, however, some better than others. Some bad designs to avoid are:

image CAPTCHA
Make sure to make the colours somewhat different between background and text.

maths CAPTCHA
Not all users will be able to solve mathematical problems.

rainbow CAPTCHA
This design is fairly painful to read, and may not be ideal for people who are colourblind.

symbolic CAPTCHA
If users have to work out what each symbol is supposed to mean, they may not bother using your site.