Angela Fabunan Angela Fabunan is the author of two books. She writes about UX design, travel, SEO, and Content Marketing. She is a multi-awarded poet known in small circles for her work on diasporic literature, women’s literature, and 20th Century Philippine Poetry in English.

CAPTCHA UX: Why CAPTCHA is bad and its alternatives

5 min read 1408


Have you ever tried to get into a website and had to prove whether you’re human or not? And were you successful in proving that you’re a human, not a bot? Are you even sure you’re human? (If you’re not, this article is not for you.)

But, if you’ve ever been frustrated by this test, or ever thought this test was ridiculous, this article is for you. CAPTCHA is useful for websites to differentiate human visitors from spam bots but makes the user experience difficult, if unbearable, and could lessen actual human traffic to your site.

Person Selecting Image From Many

If you have ever thought a CAPTCHA test — whether in the form of a vehicle, crosswalk, bird, plane, or whatever — was bad for you, read on to find out its pitfalls and its alternatives. In this article, we’ll go through the hows and the whys of the CAPTCHA, proving our ultimate conclusion that it’s terrible for UX. We’ll also discuss some alternatives to CAPTCHA that might interest you instead.

In the great words of The Killers, “Are we human, or are we dancer?” allowing us to begin our CAPTCHA UX analysis.

What is CAPTCHA?

This test that distinguishes humans from robots is aptly named CAPTCHA, which stands for “Completely Automated Public Turing Test to Tell Computers and Humans Apart.” “Turing” is named for Alan Turing, the inventor of CAPTCHA, who will learn more about it later when we go into the brief history of the test.

Users encounter CAPTCHA tests while filling out forms or polls, buying things online, signing up for accounts, or even interacting in a forum — mostly everything you do online.

The core functions of CAPTCHA

The core function of CAPTCHA is to distinguish humans from robots through a test. But it does this through knowledge of human ability and how it’s different from a computer’s abilities. The CAPTCHA must keep track of a computer’s abilities as it learns and grows to copy a human’s abilities and evolve as humans and computers evolve together.

One example of this is how the first CAPTCHAs only distinguished between the human ability to recognize letters that were deformed or distorted, and the early computers’ inability to do so.

Colorful CAPTCHA

Less Colorful CAPTCHA
Source: Breaking a visual CAPTCHA by Greg Mori and Jitendra Malik

The text-based CAPTCHAs phased out as this generation’s computers mastered this ability. CAPTCHAs have evolved to use image recognition, such as distinguishing between crosswalks or traffic lights — something that also needs to evolve again soon as machine learning gives computers the depth of field to distinguish between images.

The basic use of CAPTCHA

The basic use of CAPTCHA is to create tests that humans can solve but bots can’t, to allow them access to privileged online activities that can only be given to humans — one example would be an online ticket booth pre-selling a Taylor Swift Era’s Tour ticket that goes for $5,000 at 10:00 a.m. We all know bots are not true Swifties.

In fact, aside from rooting out the humans from the bots, CAPTCHA roots out the true ticket-hunting, online-shopping, website-scrolling humans from the fraudulent and criminal activities of the humans behind those bots.

In the early days of CAPTCHA, it slowed down and stopped password-stealing, credit-card-sharing, and forum-spamming fraudulent humans. And it might very well be continuing to do so as we speak.

The most basic uses of CAPTCHA are to:

  • Slow down attacks on passwords
  • Deter multiple accounts on the same website
  • Prevent bulk-buying of tickets
  • Stop online shopping fraudulence
  • Stop scamming in forums and polls
  • Limit fake leads from online forms

But remember, it can only stop so many bots — not all of them. It doesn’t actually protect information from getting out. Remember that any website you visit keeps a file of your personal and even financial information, and CAPTCHAs can’t do anything about that. So remember that next time you give a gift to Grandma online.

A brief history of CAPTCHA systems

So now that you know what CAPTCHA is, and before we go into what makes them bad, let’s first go through why they were invented. CAPTCHAs were named after Alan Turing’s proposition for a system that can be used to tell humans and computers apart. The term was coined in 2003 by Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford.


It was developed in the late 1990s, when ecommerce was only starting to be in general use. For example, Amazon was invented in 1994. Computers were starting to be used by human scammers worldwide to fool other humans, starting at the advent of computers but only becoming smarter as the years went on.

CAPTCHA was then put into general use during the early 2000s to prevent spam. Now, it can track user behavior and can be triggered for spam or bot behavior, such as clicking links too fast or requesting webpages multiple times.

Why CAPTCHAs are bad

There are a lot of issues with CAPTCHAs. It keeps out some users while letting in bots that are desperately wanted out.

Accessibility issues

CAPTCHA has an accessibility issue that was not taken into account by their predecessors. Even though CAPTCHA was invented supposedly for all computer users, it doesn’t account for blind or visually impaired people. It does not work on most screen readers that the visually impaired use.

Neither the text-based CAPTCHA nor the graphical CAPTCHA of this day and age account for blind or visually impaired people. The graphical one is already hard for general users. This shuts them out from specific websites that use CAPTCHA or other uses of the test, which is inaccessible.

Similarly, CAPTCHAs might prevent access for certain cultural groups. Many CAPTCHA systems assume a Western orientation — knowledge of the English language, recognition of Western Latin characters, or even cultural imagery that may be ubiquitous only in Western countries. This situation may leave those of different cultural backgrounds shut out of a site.

Easily bypassed

Sometimes CAPTCHAs are just flat out wrong, according to WIRED. And when they’re not wrong, they’re easily bypassed by the bots and scammers that we wanted to keep out in the first place.

Readily available tools already exist to bypass CAPTCHAs such as Anti Captcha, Best Captcha Solver, 2Captcha, and more. Continuous advances in machine learning will make these even more accessible.

Most insidiously, another way of defeating CAPTCHAs is to take advantage of the Internet’s ability to connect different economies across the globe. At certain junctions between the first and third world, there are significant differences in the cost of labor that can be exploited.

In India and the Philippines, for example, some businesses may set themselves up as human CAPTCHA solvers. In such economies, a person may only be paid a few dollars to solve a thousand CAPTCHAs. What happens when you can hire humans to solve CAPTCHAs as quickly and as cheaply as bot-driven processes?

The CAPTCHA-killers (or alternatives to CAPTCHA)

In this Washington Post article, the author wittily suggests that “the potential CAPTCHA killers are here,” signalling the nearing death of the CAPTCHA. They suggest alternatives, such as:

  • Machine-to-machine scoring systems: The machine itself solves the CAPTCHA with signals to the other machine where the CAPTCHA comes from, without any human interaction or intervention. The two machines will solve the Turing test together, ironically.
  • Privacy pass: This technology, used by Apple, Google, Cloudflare, and Fastly, separates your private data and solves the CAPTCHA, signalling again to the other computer.
  • Non-CAPTCHA use: More and more companies are opting to not use CAPTCHA at all, because it makes the user experience unbearable for their users.

The verdict is in: CAPTCHAs make site UX harder, not easier

Source: xkcd

It is universally acknowledged that CAPTCHAs never make a site easier to use, only harder. This is what makes them bad UX design. At their worst, they can present an aggressive demand for the users, readers, and consumers of a site; at best, they are seen as a waste of your user’s time. For the best of both worlds, do away with your CAPTCHA today.

Header image source: IconScout

LogRocket: Analytics that give you UX insights without the need for interviews

LogRocket lets you replay users' product experiences to visualize struggle, see issues affecting adoption, and combine qualitative and quantitative data so you can create amazing digital experiences.

See how design choices, interactions, and issues affect your users — .

Angela Fabunan Angela Fabunan is the author of two books. She writes about UX design, travel, SEO, and Content Marketing. She is a multi-awarded poet known in small circles for her work on diasporic literature, women’s literature, and 20th Century Philippine Poetry in English.

Leave a Reply