I generally dislike CAPTCHA. I mean I understand that they are a necessary tool to prevent fake machine comments, user names and purchases from flooding social networks or blogs, but they can be really irritating. I have always thought that the last thing you want to do when someone is signing up for a service is to place another barrier in their way. There are also huge accessibility issues because unless they are implemented properly they can exclude blind and dyslexic users from using their intended web services.
There are, of course, good examples of CAPTCHAs, like the reCAPTCHA web service which uses the information entered to help digitise out of print books. This week, however, I came across two different CAPTCHAs that illustrated just how ridiculous some of these CAPTCHAs have become.
1.The Genius Captcha
I came across this CAPTCHA while signing up for the excellent Shozu mobile application. This is one of the places where a CAPTCHA is understandable (after this step an sms is sent to the phone number entered in a form), but it has added another step of complexity to the process by asking me to match up symbols with a bunch of letters in the key beneath the CAPTCHA.]
I am deeply ashamed to admit that I got this wrong the first time. I always knew that repeating matric would come back to haunt me - this CAPTCHA made me feel even dumber than I actually am. The only reason that I can possibly think for creating a monstrosity like this is to somehow internationalise the CAPTCHA, but I really think there must be a better solution than this.
2. The WTF CAPTCHA
This beauty comes from a website running the hugely popular Vbulletin forum software. Never mind the blind and dyslexic, how is a regular sighted person supposed to get this right more than half the time?
I have actually given up on searches on Vbulletin forums before because the CAPTCHA has rejected me multiple times in a row. Anything that chases users away from your site is a bad thing, but the worst thing about this is that is is on a search form, not a sign up or new post form.
As the spammers OCR techniques get better CAPTCHAs are getting more and more obfuscated and we are going to have to find new techniques to ward the bad guys off. Our best hope lies in the promise of distributed reputation systems and spam prevention technologies like Akismet. One thing is sure - the examples above are not a solution.