Have you ever tried to get into a website and had to prove whether you’re human or not? And were you successful in proving that you’re a human, not a bot? Are you even sure you’re human? (If you’re not, this article is not for you.)
But, if you’ve ever been frustrated by this test, or ever thought this test was ridiculous, this article is for you. CAPTCHA is useful for websites to differentiate human visitors from spam bots but makes the user experience difficult, if unbearable, and could lessen actual human traffic to your site.
If you have ever thought a CAPTCHA test — whether in the form of a vehicle, crosswalk, bird, plane, or whatever — was bad for you, read on to find out its pitfalls and its alternatives. In this article, we’ll go through the hows and the whys of the CAPTCHA, proving our ultimate conclusion that it’s terrible for UX. We’ll also discuss some alternatives to CAPTCHA that might interest you instead.
In the great words of The Killers, “Are we human, or are we dancer?” allowing us to begin our CAPTCHA UX analysis.
This test that distinguishes humans from robots is aptly named CAPTCHA, which stands for “Completely Automated Public Turing Test to Tell Computers and Humans Apart.” “Turing” is named for Alan Turing, the inventor of CAPTCHA, who will learn more about it later when we go into the brief history of the test.
Users encounter CAPTCHA tests while filling out forms or polls, buying things online, signing up for accounts, or even interacting in a forum — mostly everything you do online.
The core function of CAPTCHA is to distinguish humans from robots through a test. But it does this through knowledge of human ability and how it’s different from a computer’s abilities. The CAPTCHA must keep track of a computer’s abilities as it learns and grows to copy a human’s abilities and evolve as humans and computers evolve together.
One example of this is how the first CAPTCHAs only distinguished between the human ability to recognize letters that were deformed or distorted, and the early computers’ inability to do so.
The text-based CAPTCHAs phased out as this generation’s computers mastered this ability. CAPTCHAs have evolved to use image recognition, such as distinguishing between crosswalks or traffic lights — something that also needs to evolve again soon as machine learning gives computers the depth of field to distinguish between images.
The basic use of CAPTCHA is to create tests that humans can solve but bots can’t, to allow them access to privileged online activities that can only be given to humans — one example would be an online ticket booth pre-selling a Taylor Swift Era’s Tour ticket that goes for $5,000 at 10:00 a.m. We all know bots are not true Swifties.
In fact, aside from rooting out the humans from the bots, CAPTCHA roots out the true ticket-hunting, online-shopping, website-scrolling humans from the fraudulent and criminal activities of the humans behind those bots.
In the early days of CAPTCHA, it slowed down and stopped password-stealing, credit-card-sharing, and forum-spamming fraudulent humans. And it might very well be continuing to do so as we speak.
The most basic uses of CAPTCHA are to:
But remember, it can only stop so many bots — not all of them. It doesn’t actually protect information from getting out. Remember that any website you visit keeps a file of your personal and even financial information, and CAPTCHAs can’t do anything about that. So remember that next time you give a gift to Grandma online.
So now that you know what CAPTCHA is, and before we go into what makes them bad, let’s first go through why they were invented. CAPTCHAs were named after Alan Turing’s proposition for a system that can be used to tell humans and computers apart. The term was coined in 2003 by Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford.
It was developed in the late 1990s, when ecommerce was only starting to be in general use. For example, Amazon was invented in 1994. Computers were starting to be used by human scammers worldwide to fool other humans, starting at the advent of computers but only becoming smarter as the years went on.
CAPTCHA was then put into general use during the early 2000s to prevent spam. Now, it can track user behavior and can be triggered for spam or bot behavior, such as clicking links too fast or requesting webpages multiple times.
There are a lot of issues with CAPTCHAs. It keeps out some users while letting in bots that are desperately wanted out.
CAPTCHA has an accessibility issue that was not taken into account by their predecessors. Even though CAPTCHA was invented supposedly for all computer users, it doesn’t account for blind or visually impaired people. It does not work on most screen readers that the visually impaired use.
Neither the text-based CAPTCHA nor the graphical CAPTCHA of this day and age account for blind or visually impaired people. The graphical one is already hard for general users. This shuts them out from specific websites that use CAPTCHA or other uses of the test, which is inaccessible.
Similarly, CAPTCHAs might prevent access for certain cultural groups. Many CAPTCHA systems assume a Western orientation — knowledge of the English language, recognition of Western Latin characters, or even cultural imagery that may be ubiquitous only in Western countries. This situation may leave those of different cultural backgrounds shut out of a site.
Sometimes CAPTCHAs are just flat out wrong, according to WIRED. And when they’re not wrong, they’re easily bypassed by the bots and scammers that we wanted to keep out in the first place.
Readily available tools already exist to bypass CAPTCHAs such as Anti Captcha, Best Captcha Solver, 2Captcha, and more. Continuous advances in machine learning will make these even more accessible.
Most insidiously, another way of defeating CAPTCHAs is to take advantage of the Internet’s ability to connect different economies across the globe. At certain junctions between the first and third world, there are significant differences in the cost of labor that can be exploited.
In India and the Philippines, for example, some businesses may set themselves up as human CAPTCHA solvers. In such economies, a person may only be paid a few dollars to solve a thousand CAPTCHAs. What happens when you can hire humans to solve CAPTCHAs as quickly and as cheaply as bot-driven processes?
In this Washington Post article, the author wittily suggests that “the potential CAPTCHA killers are here,” signalling the nearing death of the CAPTCHA. They suggest alternatives, such as:
It is universally acknowledged that CAPTCHAs never make a site easier to use, only harder. This is what makes them bad UX design. At their worst, they can present an aggressive demand for the users, readers, and consumers of a site; at best, they are seen as a waste of your user’s time. For the best of both worlds, do away with your CAPTCHA today.
Header image source: IconScout
LogRocket lets you replay users' product experiences to visualize struggle, see issues affecting adoption, and combine qualitative and quantitative data so you can create amazing digital experiences.
See how design choices, interactions, and issues affect your users — get a demo of LogRocket today.
Mobile devices are where users live. In this blog, I break down a mobile-first design approach and share why it’s the secret to delivering sleek, user-friendly modern UX.
Exit flows in UX are crucial — get them wrong, and users may never come back. In this blog, I share how you can craft exits that turn a user’s last click into an invitation to return.
Sharing my list of all-star Webflow plugins so you can save time, work smarter, and boost your design game. Let them do the heavy lifting for you!
UX isn’t just about how a design looks — it’s about understanding how users think. With priming embedded in your designs, you can influence user behaviour by activating their unconscious associations.