Captchas are those super annoying boxes that make us decipher a usually random string of letters and/or numbers before we can do something on a website. So many sites use captchas now as security measures to prevent bots and spam, but real human users find it to be a necessary evil that’s quite a nuisance. Most of the time those captchas are so difficult to read that you have to try three or four different ones before you get it right. If a human can’t decipher it, surely a computer bot can’t, right?
Captcha is really getting tough these days… (Image by: kristiewells)
Breaking the Code
There are many programs that have been designed to crack different types of captchas, and many are so successful that the captcha is rendered completely obsolete. Since captchas became popular several years ago, many websites have gone through multiple versions of them to stay ahead of new decoding programs. Some types of captchas could be deciphered by a computer bot with a perfect success rate, and captchas have evolved over the years as designers figure out what computers can read and what they can’t.
What Works?
The captchas that are most effective are used by Google, and programs have not yet been able to crack the codes on any type of reliable scale. Google captchas use words that are altered to resemble bumps on a roller coaster. The letters do not form a straight line, and they are different sizes, widths, and skews. Google has been using this type of captcha for many years. Email providers Hotmail and Yahoo also have captchas that are just about perfect.
Lines and Other Tactics
One of the most effective captcha strategy is adding random lines to the box that go in different directions and intersect with the letters and different points. The additional lines will confuse a computer and make it very difficult to determine what letters are present, but a human can see and differentiate the lines from the letters easily. Captchas also may use letters of different shades, with some portions of the letters missing.
Captcha Services
There are many different captcha plug-ins available for you to use on your website. The best and most popular is ReCAPTCHA.com, which is offered by Google. The distorted words with intersecting lines are nearly impossible for computers to decipher with notable accuracy. You can use ReCAPTCHA on your website for free.
What Doesn’t Work?
One previously popular tactic for captchas was adding backgrounds and “noise” to the captcha. The backgrounds, dots, etc. were meant to confuse computer programs, but they can be deciphered. Other captcha ideas involved photos. Some of these tactics can work if a person is asked to identify certain pictures by clicking on them, because it’s difficult for computers to decipher images. For the most part, however, photographic captchas aren’t foolproof. If a person is asked to identify and type the name of an image, for example, there could be many different correct interpretations (ex. beach, sea, ocean, etc.), and accounting for them all would be very difficult. Captchas that ask questions, such as “What’s 1+2?” are also less effective.
Some captchas are so irritating when you can read one of the two words clearly but not a single character of the second word! But captchas are also very helpful in tackling spam. So it has both good and bad effects.
It used to be effective but I’m not so sure about it now.
I think the captcha concept meant well in it’s early days, but now they are almost useless. Just about all of them have been defeated. They may still stop or prevent a few automated bots and spammers, but generally they just annoy and tick of real visitors that can’t figure out or read the darn letters or word. It happens to me fairly often. I can’t figure out what one of the words is supposed to be so I end up refreshing the captcha numerous times until I find a combination I can actually see and read. Sometimes it still tells me it is wrong though. I try to avoid sites that use these things.
Same goes to me. I usually won’t go back to sites that use Captcha.
Hi Peter,
Most of us are aware that captcha are intended to impede spam bots from getting through a website. The funny thing is, even if they are intended simply for that part, they simply annoy the heck out of me. I’ve encountered several times captchas that are readable, but their friggin’ system is busted so even if you input the correct word, it still won’t allow you access. The truth is some weblog owners put captchas on their commenting system too – some work and some are just plain broken.
Yea, I know what you mean. I hate Captchas that are hard to solve/read and I usually avoid sites that use Captcha in their comment system.
Captchas are hassle for me especially when in the mode of hurry and I need things to be done quickly. Captchas really work but Google Captchas does more.
Thanks for sharing your thoughts, Althea. Hope to see you around.
Hi
Really enjoyed this blog about Captchas. As well as stopping spam bots getting onto websites, they often stop me! I am dyslexic and I find them almost impossible to read. I swear a few years ago they weren’t too bad but now they are getting harder and harder to beat the bots and, lots of humans!
I got so frustrated with them I recently started using a captcha bypass browser extension. I chose rumola because it works in chrome and it seems to be very quick and effective. If captchas get much more difficult i think everyone will end up being forced to purchase one of these, especially if they are into blogging.
Regards
Alicia
Yea, Captchas are getting tough these days. If I really couldn’t read a captcha, I will just refresh for the next easier to read ones and it usually works after a few rounds of refreshing. I never heard of application such as Rumola, this is something new for me to check it out. Thanks for sharing that here, Alicia.
The problem with captchas these days, is that too many plugins exist to outsource their decoding. The captcha solution behind reCaptcha seems too difficult to be attacked by a software, but you can find people on freelance platforms eager to pay (or be paid) peanuts for a thousand decoded captchas. If you hide the whole process behind a browser plugin, you get really annoying spammers breaking your captchas, while regular users have to enter them by hand. I hope solutions to that will arrive soon.