A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a challenge-response system test designed to differentiate humans from automated programs. A CAPTCHA differentiates between human and bot by setting some task that is easy for most humans to perform but is more difficult and time-consuming for current bots to complete.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
CAPTCHAs are often used to stop bots and other automated programs from using blogs (see splog) to affect search engine rankings, signing up for e-mail accounts to send out spam or take part in on-line polls.
Frequently, a CAPTCHA features an image file of slightly distorted alphanumeric characters. A human can usually read the characters in the image without too much difficulty. A bot program is able to recognize that the content contains an image , but it has no idea what the image is. To accomodate the visually-impaired, some CAPTCHAs use audio files. In such a system, the human listens to a series of letters or short words and types what he hears to prove he is not a bot.
What you see above is an example of a CAPTCHA program called E-Z Gimpy. Although it is one of the most commonly used CAPTCHAs, it is also the easiest to crack by using a dictionary attack. The full edition of GIMPY is considered to be more secure. It randomly selects seven words from a dictionary and then presents them, somewhat distorted, in an image. The user is asked to type three of the words that appear in the image.
Another test, "Pix," presents the user with six images of a single subject, such as babies or horses, and asks them to define the subject of the pictures. Math CAPTCHAs are very popular on blog software. A Math CAPTCHA uses numbers instead of letters and asks the human to solve a simple mathematical calculation (4 +3 =) and record the answer.
Once a user has completed a particular CAPTCHA challenge satisfactorily, he is granted access. His address or login information may be added to a whitelist so that he is not asked to take the test on his next visit.
Continue Reading About CAPTCHA (Completely Automated Public Turing Test to tell Computers and Humans Apart)
Dig Deeper on Web Authentication and Access Control