CAPTCHA Image

Spam is among the top few problems that today’s webmasters have to deal with, and I have already discussed some of the methods which can be used to control spamming to some extent. CAPTCHA is among the few successful techniques, used by almost all web sites to control automated spamming and other unsolicited activities.

So, what’s CAPTCHA? CAPTCHA is an acronym, and the official definition is as follows.

A captcha (an acronym for “completely automated public Turing test to tell computers and humans apart”) is a type of challenge-response test used in computing to determine whether or not the user is human. The term was coined in 2000 by Luis von Ahn, Manuel Blum, and Nicholas J. Hopper of Carnegie Mellon University, and John Langford of IBM. …

So in simple terms, CAPTCHA is an image verification system that differentiates automated bots or machine processes from humans, on the assumption that it is very difficult for machines to identify shapes (even letters and numbers are shapes, aren’t they?) embedded in images.

How does CAPTCHA affect usability?
At first glance, we can see that CAPTCHA adds an additional stage to the process. For example, in a new user registration process, you never want or need to enter obfuscated letters, completely unrelated to you or anything in this world, along with your details to make the process succeed. You might remember you never did so on anything you filled in manually on paper-based forms. Now you can see that CAPTCHA has added an additional stage or field to the process. Usability has already been affected to some extent. But you can never compromise security for anything. So we are now used to bearing the burden, as we do with road blocks and other check points.

Okay, so what is this fuss about usability? I once had to use an online application which required validation with CAPTCHA. The form required entering the numbers or letters shown in the CAPTCHA image. But there were no letters or numbers in the image, only some garbled background. I refreshed the page once, but there was no change. In this case CAPTCHA made the whole system unusable. The problem was not with the concept of CAPTCHA or the technology, but with the implementation and poor design.

Now we see how CAPTCHA might fail and let down the usability and operability of the entire process. CAPTCHA image variation can be achieved by changing many parameters. Let’s see what they are.

1. Font Variation.
Different font faces have different looks. But I have seen many sites using fonts which are really hard to read, especially when combined with the other features listed here. Some CAPTCHAs also use numbers and letters that are hard to tell apart (e.g. 1, I, i, l as well as o, 0). Making the CAPTCHA case sensitive makes it even harder to use.

2. Rotation
CAPTCHA supports rotation of the foreground as well as the background. But if you rotate too much, some important parts can be cut off and cause problems. The best angle, I think, is from 15 degrees to -15, but I know that depends.

3. Background variation
Background variation can be achieved by changing the background color, or by using a background image or noise. If the background color or image competes with the foreground, there is a big problem. It is always better to maintain some contrast between background and foreground.

4. Colors
As discussed in the previous point, color contrast is important, and colors that are not chosen wisely might also cause problems for color-blind people.

5. Deformation
Deformation can be achieved by blurring or shearing the image or background. If these effects are used excessively, the image might be harder for humans to read as well, let alone machines.

6. Accessibility problems
If the CAPTCHA doesn’t have any audio support, it will not be usable by visually impaired people at all.
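An added example, not code from the original post: a sketch of how a generator could enforce the limits from points 1 to 4 before any image is drawn. The alphabet, the function names and the 4.5:1 contrast threshold (the WCAG AA ratio for normal text) are assumptions chosen for illustration; the ±15 degree range is the one suggested above.

```python
import hmac
import secrets

# Assumption: uppercase-only alphabet with the look-alikes the post names
# (1, I, l, 0, O) removed; answers are compared case-insensitively.
ALPHABET = "ABCDEFGHJKMNPQRSTUVWXYZ23456789"
MAX_ROTATION_DEG = 15      # the post's suggested range: -15 to 15 degrees
MIN_CONTRAST = 4.5         # assumption: WCAG 2.x AA ratio for normal text

_rng = secrets.SystemRandom()


def _luminance(rgb):
    """WCAG relative luminance of an (r, g, b) tuple with 0-255 channels."""
    def lin(c):
        c /= 255
        return c / 12.92 if c <= 0.03928 else ((c + 0.055) / 1.055) ** 2.4
    r, g, b = (lin(c) for c in rgb)
    return 0.2126 * r + 0.7152 * g + 0.0722 * b


def contrast_ratio(fg, bg):
    """WCAG contrast ratio, from 1.0 (identical) to 21.0 (black on white)."""
    hi, lo = sorted((_luminance(fg), _luminance(bg)), reverse=True)
    return (hi + 0.05) / (lo + 0.05)


def new_challenge(length=6):
    """Pick text, per-character rotation and a colour pair that stays legible."""
    text = "".join(secrets.choice(ALPHABET) for _ in range(length))
    angles = [_rng.randint(-MAX_ROTATION_DEG, MAX_ROTATION_DEG) for _ in text]
    while True:  # resample until foreground and background do not compete
        fg = tuple(_rng.randrange(256) for _ in range(3))
        bg = tuple(_rng.randrange(256) for _ in range(3))
        if contrast_ratio(fg, bg) >= MIN_CONTRAST:
            return {"text": text, "angles": angles, "fg": fg, "bg": bg}


def check_answer(expected, submitted):
    """Case-insensitive, whitespace-tolerant, constant-time comparison."""
    given = submitted.strip().upper()
    return hmac.compare_digest(expected.encode(), given.encode())
```

The returned parameters would be handed to whatever imaging library draws the CAPTCHA; luminance contrast alone does not cover every form of color blindness, so the audio fallback from point 6 is still needed.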

Solutions to improve the usability
Many of the problems are caused by the points I have already listed above. In addition to that, here I have a few suggestions, almost all of which are already in operation on many sites.

  • Provide audio support
  • Ask a simple yet human-understandable question/phrase (logic puzzles) like “please enter the answer for 1 plus 1”.
  • Animated CAPTCHA – CAPTCHA details are displayed in an animated GIF, in multiple frames, making it harder for bots to track.

After all, there is no ultimate solution for anything, and the same goes for CAPTCHA. Many resources have information about breaking CAPTCHA:
1. http://www.cs.berkeley.edu/%7Emori/gimpy/gimpy.html
2. http://www.brains-n-brawn.com/default.aspx?vDir=aicaptcha
3. http://sam.zoy.org/pwntcha/