CAPTCHA: User-Unfriendly by Design

By Robert MohnsMonday, Jun 4, 2007 / 11:04am View more articles

You may not of heard of CAPTCHA , but you've probably run afoul of one.

CAPTCHA is an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart" (TM Carnegie Mellon University).

Spammers run web-surfing "bots" that spam web forms in hopes that the content will be published back onto the web — in blogs like this one, for example. CAPTCHA is intended to tell apart real humans from spam-bots, a form of Turing Test.

The problem being, many CAPTCHA systems are so challenging that humans can't pass the test.

Examples

Parallels Forum Registration:


Is the third character an letter S or a number 5? Is the fifth a distorted lower case b or a number 6?


Are the X's capital or lower case?

SmallDog blog comment form:


What's the center character, a zero or a letter O? (I failed this one.)


I failed this one too. If I weren't so stubborn I would have abandoned my blog comment by now.


O or Q? S or 5 or 6? Hope you guess correctly.

Digg story submission:


Well, it could be a lot worse...

A basic failure

The problem is in in the basic idea. Someone's going to comment that I've chosen examples of poorly done CAPTCHAs, but that's not really the point. CAPTCHA can be tuned, but ultimately they leave the real users holding the bag, because every time the user tries to act, they are actively challenged to perform a difficult cognitive task.

I can't think of any more user unfriendly behavior.

CAPTCHA is a noble idea, but the test should be based on the user's actions — not some test which is so challenging that you risk driving away your visitors or potential customers.

And heck, that's not even getting into the accessibility issues — CAPTCHA completely locks out the visually impaired. The W3C discusses this in its Inaccessiblity of CAPTCHA page.

Get out of the way

The iMarc blog doesn't put a CAPTCHA barrier between users at their comments. Instead, it screens the content based on a number of factors, ranging from blacklisted IP addresses and domains to the ratio of spam terms to non-spam terms. It works fairly well. Most of the time, comments go through without trouble. It stops a lot of real spam. And most importantly, it doesn't inconvenience the user every time they use the tool, which is the main failure of conventional CAPTCHA systems. It only adds inconvenience when the user does something that looks suspicious.

And this is the way to perform user friendly "human testing": perform the test on the user's actual actions and content contributions. Don't create a usability barrier. Get out of the user's way.

CAPTCHA. User-Unfriendly by Design.

Comments have been turned off on this blog.
Read something more recent.

Statements and opinions expressed in this blog and any comments made are the private opinions of the respective poster, and, as such, iMarc LLC is neither responsible nor liable for such content.

Meet The Author

Robert Mohns

Information Architect

Search

Recent Blog Posts

Recent Comments

We heart Visitors

  • iMarc
  • 14 Inn Street
  • Newburyport, MA 01950
  • Phone: (978) 462-8848
  • Fax: (978) 462-8807
  • Directions

Contact Us

Whether you have a huge project specification or just want to talk about updating your site, we’re here to help. Fill out the form, and we’ll get right back to you.

Contact Us
  • All Fields Required

Close