CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. In simple words it’s the technique to stop web spam. Now what is web spam? Ok, anything that is not relevant to the website but users (or automated bots) try to post comments, links etc are called web spams. Best example is advertisement of Nike shoe in any technical website like Alien Coders which has no relevance for that kind of comment or post. I will discuss about “Web Spam” in detail in another article.
Why Captcha is required?
CAPTCPA is used to prevent automated software/scripts/spammers (robots) from performing any bad/harmful actions on behalf of actual human being. How a person or website gets harmed if Captcha or such mechanism would not be there, then you will realize why it is required. The goal is to create a test that humans can pass easily but machines can't.
The main goal of CAPTCHA is to test which is simple and straight forward for any human to answer but it is nearly impossible to crack by computers. For example,
- if you register to any forum board , you will asked to verify Captcha, if it would not be there then imagine the havoc that a web spammers can do by posting porn stuffs in an education site
- irctc.co.in implements this too while booking an online ticket, if it would not be there any automated script will book the ticket and tatkal ticket would be a fun for real online users.
- Gmail, Yahoo etc. mail providers implement too, especially in forgot password case, otherwise you would have got minimum 100 mails of password recovery for your account 😉
Of course, it’s used in websites only not in road show…so question should be rather where Captcha is used in websites? The answer is many places. I am listing few of them:
- Registration form
- Anonymous comment
- Forgot password of any websites (after trying wrong password many times )
- Searching database information from any website like whois details from godaddy.com
- Contacting site admin or support team
How Captcha works?
I can’t explain the mechanism fully but it can make you sure that being a programmer or a website owner or an internet user you will have a bird’s view on how it works in general.
In simple word, first the CAPTCHA program code generates the random string for text Captcha (combination of alpha-numeric and special characters of some finite length which is predefined by admin of the website) and then user has to fill the box given below the gene CAPTCHA image/text. Now, when use submits the form; the CAPTCHA program validates the text on client side.
If it gets matched with the random generated image or text then the user can proceed for usual work else he/she will not be allowed to proceed further and have to try Captcha procedure again. Being a valid and genuine user you will surely be able to answer but a robot can’t pass this test (they can if they have the algorithm to crack it, but it’s tough). If it’s an image or audio or some puzzle, it is even tougher for robot to crack.
“But not all CAPTCHAs rely on visual patterns. In fact, it's important to have an alternative to a visual CAPTCHA. Otherwise, the Web site administrator runs the risk of disenfranchising any Web user who has a visual impairment. One alternative to a visual test is an audible one. An audio CAPTCHA usually presents the user with a series of spoken letters or numbers. It's not unusual for the program to distort the speaker's voice, and it's also common for the program to include background noise in the recording. This helps thwart voice recognition programs.
Another option is to create a CAPTCHA that asks the reader to interpret a short passage of text. A contextual CAPTCHA quizzes the reader and tests comprehension skills. While computer programs can pick out key words in text passages, they aren't very good at understanding what those words actually mean.”
What are the Different types of Captcha and which Captcha to use?
Based on type of Captcha used we can categorize it as:
- Text Captcha -> where you need to type few text characters, most easier one
- Mathematical Captcha -> simple arithmetic or some mathematical function for tougher use
- Puzzles Captcha -> interesting and tough to crack also
- Image Captcha -> you need to identify which image is for what
- Audio/Video Captcha -> very rare but can be proved tougher one to get cracked by spammers
Waiting for the feedback from website users and owners, specially bloggers group 😀
Latest posts by Sanjeev Jaiswal (see all)
- Automated bash script to test HTTP HEADER Response - January 22, 2016
- SQL Injection Authentication Bypass Cheat Sheet - January 21, 2016