Something that has often irritated me when using some websites
is the use of CAPTCHA's. For those that don't know, a CAPTCHA is
the automatically generated image, often used at the end of a web
form which asks you to identify the text in an image. This is to
identify a form submission performed by a human user, from an
automatic entry by a script, or spam bot. Whenever I come across
these, it is a minor inconvenience, which adds a few seconds on to
the time spent submitting the form data, but I also feel a little
offended that I have to identify myself, as though I'm guilty until
proven innocent. I recently came across an article
on Smashing magazine that goes into great detail on many good
and bad aspects of CAPTCHA's, and looks at alternatives.
There are variations on the idea of CAPTCHA's, involving basic
logic questions that are easy for a human, but extremely difficult
for a computer to work out, or ones that ask the user to, for
instance, identify the images of cats in a set of images. But they
all have the same issues. The main problems of CAPTCHA's are that
it greatly hinders web users who have a disability, for example,
those with a visual impairment would never be able to use the site.
A CAPTCHA in a form adds time to every user's submission, and
slightly reduces the number of submissions being sent. It can also
be seen as a lazy solution: instead of the web hoster or provider
dealing with the problem of spam bots, it is pushing the problem
onto the user.
There are a variety of alternatives that can be implemented in
place of a CAPTCHA to prevent spam, that don't alienate users. With
the rising popularity of the social web (twitter& Facebook),
their services can be used to get a user to login before being able
to use the site. The Honeypot Method is a clever solution, which
involves placing a hidden field within the form that a normal user
won't see or fill in, but a bot would enter data, thus identifying
spam data. Another simple but elegant detection is to filter bad
entries based on the time spent filling out the form. A bot will
fill the form out and submit in a very short time (less than 5
seconds), whereas a human would never be able to do that.
Before going down the patch of using CAPTCHA's, take a moment to
think on whether it is truly the best solution. A quick google
search will reveal a large amount of discontent over the use of
them. The onus for spam filtering should be on the provider, rather
than pushed onto the user, and with a bit of effort, an effective
alternative could well be used instead which provides a much nicer
web experience for your users.